This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session091"
From OWASP
Sarah Baso (talk | contribs) (Created page with '{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions tab</noinclude> |- | summit_session_name = | summit_session_url = |- | summit_session_objec…') |
|||
| (23 intermediate revisions by 10 users not shown) | |||
| Line 1: | Line 1: | ||
| − | {{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions tab</noinclude> | + | {{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude> |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|- | |- | ||
| + | |||
| summit_session_attendee_name1 = | | summit_session_attendee_name1 = | ||
| summit_session_attendee_email1 = | | summit_session_attendee_email1 = | ||
| − | | | + | | summit_session_attendee_username1 = |
| − | | summit_session_attendee_name2 = | + | | summit_session_attendee_company1= |
| − | | summit_session_attendee_email2 = | + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1= |
| − | | | + | |
| − | | summit_session_attendee_name3 = | + | | summit_session_attendee_name2 = Achim Hoffmann |
| − | | summit_session_attendee_email3 = | + | | summit_session_attendee_email2 = [email protected] |
| − | | | + | | summit_session_attendee_username2 = Achim |
| − | | summit_session_attendee_name4 = | + | | summit_session_attendee_company2= sic[!]sec |
| − | | summit_session_attendee_email4 = | + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2= |
| − | | | + | |
| + | | summit_session_attendee_name3 = Dan Cornell | ||
| + | | summit_session_attendee_email3 = [email protected] | ||
| + | | summit_session_attendee_username3 = | ||
| + | | summit_session_attendee_company3= Denim Group | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3= | ||
| + | |||
| + | | summit_session_attendee_name4 = Martin Knobloch | ||
| + | | summit_session_attendee_email4 = [email protected] | ||
| + | | summit_session_attendee_username4 = knoblochmartin | ||
| + | | summit_session_attendee_company4= PervaSec | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4= | ||
| + | |||
| summit_session_attendee_name5 = | | summit_session_attendee_name5 = | ||
| summit_session_attendee_email5 = | | summit_session_attendee_email5 = | ||
| − | | | + | | summit_session_attendee_username5 = |
| + | | summit_session_attendee_company5= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5= | ||
| + | |||
| summit_session_attendee_name6 = | | summit_session_attendee_name6 = | ||
| summit_session_attendee_email6 = | | summit_session_attendee_email6 = | ||
| − | | | + | | summit_session_attendee_username6 = |
| + | | summit_session_attendee_company6= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6= | ||
| + | |||
| summit_session_attendee_name7 = | | summit_session_attendee_name7 = | ||
| summit_session_attendee_email7 = | | summit_session_attendee_email7 = | ||
| − | | | + | | summit_session_attendee_username7 = |
| + | | summit_session_attendee_company7= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7= | ||
| + | |||
| summit_session_attendee_name8 = | | summit_session_attendee_name8 = | ||
| summit_session_attendee_email8 = | | summit_session_attendee_email8 = | ||
| − | | | + | | summit_session_attendee_username8 = |
| + | | summit_session_attendee_company8= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8= | ||
| + | |||
| summit_session_attendee_name9 = | | summit_session_attendee_name9 = | ||
| summit_session_attendee_email9 = | | summit_session_attendee_email9 = | ||
| − | | | + | | summit_session_attendee_username9 = |
| + | | summit_session_attendee_company9= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9= | ||
| + | |||
| summit_session_attendee_name10 = | | summit_session_attendee_name10 = | ||
| summit_session_attendee_email10 = | | summit_session_attendee_email10 = | ||
| − | | | + | | summit_session_attendee_username10 = |
| + | | summit_session_attendee_company10= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10= | ||
| + | |||
| summit_session_attendee_name11 = | | summit_session_attendee_name11 = | ||
| summit_session_attendee_email11 = | | summit_session_attendee_email11 = | ||
| − | | | + | | summit_session_attendee_username11 = |
| + | | summit_session_attendee_company11= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11= | ||
| + | |||
| summit_session_attendee_name12 = | | summit_session_attendee_name12 = | ||
| summit_session_attendee_email12 = | | summit_session_attendee_email12 = | ||
| − | | | + | | summit_session_attendee_username12 = |
| + | | summit_session_attendee_company12= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12= | ||
| + | |||
| summit_session_attendee_name13 = | | summit_session_attendee_name13 = | ||
| summit_session_attendee_email13 = | | summit_session_attendee_email13 = | ||
| − | | | + | | summit_session_attendee_username13 = |
| + | | summit_session_attendee_company13= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13= | ||
| + | |||
| summit_session_attendee_name14 = | | summit_session_attendee_name14 = | ||
| summit_session_attendee_email14 = | | summit_session_attendee_email14 = | ||
| − | | | + | | summit_session_attendee_username14 = |
| + | | summit_session_attendee_company14= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= | ||
| + | |||
| summit_session_attendee_name15 = | | summit_session_attendee_name15 = | ||
| summit_session_attendee_email15 = | | summit_session_attendee_email15 = | ||
| − | | | + | | summit_session_attendee_username15 = |
| + | | summit_session_attendee_company15= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15= | ||
| + | |||
| summit_session_attendee_name16 = | | summit_session_attendee_name16 = | ||
| summit_session_attendee_email16 = | | summit_session_attendee_email16 = | ||
| − | | | + | | summit_session_attendee_username16 = |
| + | | summit_session_attendee_company16= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16= | ||
| + | |||
| summit_session_attendee_name17 = | | summit_session_attendee_name17 = | ||
| summit_session_attendee_email17 = | | summit_session_attendee_email17 = | ||
| − | | | + | | summit_session_attendee_username17 = |
| + | | summit_session_attendee_company17= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17= | ||
| + | |||
| summit_session_attendee_name18 = | | summit_session_attendee_name18 = | ||
| summit_session_attendee_email18 = | | summit_session_attendee_email18 = | ||
| − | | | + | | summit_session_attendee_username18 = |
| + | | summit_session_attendee_company18= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18= | ||
| + | |||
| summit_session_attendee_name19 = | | summit_session_attendee_name19 = | ||
| summit_session_attendee_email19 = | | summit_session_attendee_email19 = | ||
| − | | | + | | summit_session_attendee_username19 = |
| + | | summit_session_attendee_company19= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19= | ||
| + | |||
| summit_session_attendee_name20 = | | summit_session_attendee_name20 = | ||
| summit_session_attendee_email20 = | | summit_session_attendee_email20 = | ||
| − | | | + | | summit_session_attendee_username20 = |
| + | | summit_session_attendee_company20= | ||
| + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20= | ||
| + | |- | ||
| + | | summit_track_logo = [[Image:T._mitigation.jpg]] | ||
| + | | summit_ws_logo = [[Image:WS._mitigation.jpg]] | ||
| + | | summit_session_name = Virtual Patching Best Practices | ||
| + | | summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session091 | ||
| + | | mailing_list = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | short_working_session_description= The purpose of this session is to develop a framework methodology for organizations to use to help them to decided if/when/how to utilize virtual patching for identified web application vulnerabilities. | ||
| + | |||
| + | |- | ||
| + | |||
| + | | related_project_name1 = OWASP Best Practices: Use of Web Application Firewalls | ||
| + | | related_project_url_1 = http://www.owasp.org/index.php/Category:OWASP_Best_Practices:_Use_of_Web_Application_Firewalls | ||
| + | |||
| + | | related_project_name2 = Securing WebGoat with ModSecurity | ||
| + | | related_project_url_2 = http://www.owasp.org/index.php/Category:OWASP_Securing_WebGoat_using_ModSecurity_Project | ||
| + | |||
| + | | related_project_name3 = | ||
| + | | related_project_url_3 = | ||
| + | |||
| + | | related_project_name4 = | ||
| + | | related_project_url_4 = | ||
| + | |||
| + | | related_project_name5 = | ||
| + | | related_project_url_5 = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | summit_session_objective_name1= Identify which attacks/vulnerabilities are best suited for virtual patching | ||
| + | |||
| + | | summit_session_objective_name2 = Identify which tools are best suited for virtual patching (appliance vs. embedded, WAFs vs IPS, etc...) | ||
| + | |||
| + | | summit_session_objective_name3 = Identify who should be responsible for virtual patching | ||
| + | |||
| + | | summit_session_objective_name4 = How to develop/test virtual patches | ||
| + | |||
| + | | summit_session_objective_name5 = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | working_session_date_and_time = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | discussion_model = participants and attendees | ||
| + | |||
| + | |- | ||
| + | |||
| + | | operational_resources = Projector, whiteboards, markers, Internet connectivity, power | ||
| + | |||
| + | |- | ||
| + | |||
| + | | working_session_additional_details = | ||
| + | |||
| + | |- | ||
| + | |||
| + | |summit_session_deliverable_name1 = White paper on “Effective Virtual Patching” that discusses the scenarios above. | ||
| + | |||
| + | |summit_session_deliverable_name2 = | ||
| + | |||
| + | |summit_session_deliverable_name3 = | ||
| + | |||
| + | |summit_session_deliverable_name4 = | ||
| + | |||
| + | |summit_session_deliverable_name5 = | ||
| + | |||
| + | |summit_session_deliverable_name6 = | ||
| + | |||
| + | |summit_session_deliverable_name7 = | ||
| + | |||
| + | |summit_session_deliverable_name8 = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | summit_session_leader_name1 = Ryan Barnett | ||
| + | | summit_session_leader_email1 = [email protected] | ||
| + | | summit_session_leader_username1 = Rcbarnett | ||
| + | |||
| + | | summit_session_leader_name2 = | ||
| + | | summit_session_leader_email2 = | ||
| + | | summit_session_leader_username2 = | ||
| + | |||
| + | | summit_session_leader_name3 = | ||
| + | | summit_session_leader_email3 = | ||
| + | | summit_session_leader_username3 = | ||
| + | |||
| + | |- | ||
| + | |||
| + | | operational_leader_name1 = | ||
| + | | operational_leader_email1 = | ||
| + | | operational_leader_username1 = | ||
| + | |||
| + | |- | ||
| + | |||
| + | |||
| + | | meeting_notes = | ||
| + | |||
|- | |- | ||
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session091 | | session_name_mask = <!--Please replace DO NOT EDIT this string --> Session091 | ||
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session091 | | session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session091 | ||
| − | |||
}} | }} | ||
Latest revision as of 19:44, 25 February 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
 Virtual Patching Best Practices
| ||||||
|---|---|---|---|---|---|---|
| Please see/use the 'discussion' page for more details about this Working Session | ||||||
| Working Sessions Operational Rules - Please see here the general frame of rules. |
| WORKING SESSION IDENTIFICATION | ||||||
|---|---|---|---|---|---|---|
| Short Work Session Description | The purpose of this session is to develop a framework methodology for organizations to use to help them to decided if/when/how to utilize virtual patching for identified web application vulnerabilities. | |||||
| Related Projects (if any) |
| |||||
| Email Contacts & Roles | Chair Ryan Barnett @ |
Operational Manager |
Mailing list Subscription Page | |||
| WORKING SESSION SPECIFICS | ||||||
|---|---|---|---|---|---|---|
| Objectives |
| |||||
| Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time
|
Discussion Model participants and attendees | |||
| |
|---|
| WORKING SESSION OPERATIONAL RESOURCES | ||||||
|---|---|---|---|---|---|---|
| Projector, whiteboards, markers, Internet connectivity, power | ||||||
| |
|---|
| WORKING SESSION ADDITIONAL DETAILS | ||||||
|---|---|---|---|---|---|---|
| WORKING SESSION OUTCOMES / DELIVERABLES | ||
|---|---|---|
| Proposed by Working Group | Approved by OWASP Board | |
|
White paper on “Effective Virtual Patching” that discusses the scenarios above. |
After the Board Meeting - fill in here. | |
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
| After the Board Meeting - fill in here. | ||
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
| WORKING SESSION PARTICIPANTS | ||||||
|---|---|---|---|---|---|---|
| Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
| |
|
| ||||
| Achim Hoffmann @ |
sic[!]sec |
| ||||
| Dan Cornell @ |
Denim Group |
| ||||
| Martin Knobloch @ |
PervaSec |
| ||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
| |
| |||||
