This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Summit 2011 Working Sessions/Session052

From OWASP
Revision as of 15:26, 29 January 2011 by Mmeucci (talk | contribs)

Jump to: navigation, search

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. individual projects.jpg OWASP Testing Guide
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description We need to define:


- an updated vulnerability list to test (from the OWASP Common Vulnerabiltity list)
- Create a more readable guide, eliminating some sections that are not really useful,
- Insert new testing techniques: HTTP Verb tampering, HTTP Parameter Pollutions, etc.,
- Rationalize some sections as Session Management Testing,
- Debate if create a new section: Client side security and Firefox extensions testing.

Related Projects (if any)


Email Contacts & Roles Chair
Matteo Meucci @

Operational Manager
Giorgio Fedon
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  1. Show the v3, and debating what we need to create an excellent v4

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time
TODO


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group Approved by OWASP Board

An updated outline for the testing guide that is tied into the OWASP common numbering scheme

After the Board Meeting - fill in here.

A short white paper with ideas for revisions to the Testing Guide for evaluation and discussion by the community at large.

After the Board Meeting - fill in here.

A committed project manager who can reach out to experts to get the document completed.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
Nishi Kumar @
FIS

Cecil Su @
GT

Lucas C. Ferreira @


Colin Watson @


Achim Hoffmann @
sic[!]sec

Tom Neaves @
Verizon Business

Vishal Garg @
AppSecure Labs

Giorgio Fedon @
Minded Security

Stefano Di Paola @
Minded Security

Pavol Luptak @
Nethemba