
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.


1 Copyright 2007 © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
OWASP
http://www.owasp.org
Good WebAppSec Resources Module (to be combined)
Education Project

2 Just the start!
• Moving Target
• Changing Ecosystem

3 Hard Copy

4 Hard Copy
• IEEE Security & Privacy (bimonthly magazine)
• Security Engineering – Anderson (free download)
• Building Secure Software – Viega & McGraw
• Secure Coding – Graff & van Wyk
• Exploiting Software: How to Break Code – Hoglund & McGraw
• 19 Deadly Sins of Software Security – Howard, LeBlanc & Viega
• Hacking Exposed Web Applications (2nd Ed) – Joel Scambray, Mike Shema, Caleb Sima
• Writing Secure Code (2nd Ed) – Howard & LeBlanc
• Enterprise Java Security – Pistoia, et al.

5 Hard Copy
• Secure Programming with Static Analysis – Brian Chess, Jacob West
• The Art of Software Security Assessment – Mark Dowd, John McDonald, Justin Schuh
• The Security Development Lifecycle – Michael Howard
• Threat Modeling – Frank Swiderski, Window Snyder
• Securing Web Services with WS-Security – Rosenberg & Remy
• Core Security Patterns – Steel, Nagappan & Ray Lai
• Security Metrics – Andrew Jaquith
• Software Security: Building Security In – Gary McGraw

6 OWASP Projects Are Alive!
[Timeline figure: 2001, 2003, 2005, 2007, 2009, …]

7 Web Sites

8 www.owasp.org

9 OWASP Knowledge and Tools
• Core Application Security Knowledge Base
• Acquiring and Building Secure Applications
• Verifying Application Security
• Managing Application Security
• Application Security Tools
• AppSec Education and CBT
• Research to Secure New Technologies

• Guide to Building Secure Web Applications and Web Services
• Guide to Application Security Testing and Guide to Application Security Code Review
• Tools for Scanning, Testing, Simulating, and Reporting Web Application Security Issues
• Web Based Learning Environment and Education Project
• Guidance and Tools for Measuring and Managing Application Security
• Research Projects on Securing New Technologies (like Web Services & Ajax)

10 Online
• www.cgisecurity.com
• www.webappsec.org
• buildsecurityin.us-cert.gov
• www.cert.org
• www.sans.org
• www.securityfocus.com
• Tools
  • www.owasp.org/index.php/Phoenix/Tools

11 Mailing Lists

12 Mailing Lists
• OWASP Project Mailing lists
• Secure Coding List
• WebAppSec@securityfocus.com
• websecurity@webappsec.org (WASC)
• SANS NewsBites

13 Blogs

14 Blog Selection
• ha.ckers.org/blog (RSnake)
• shiflett.org (Chris Shiflett)
• jeremiahgrossman.blogspot.com
• www.gnucitizen.org (PDP)
• sylvanvonstuppe.blogspot.com
• www.memestreams.net/users/Acidus (Billy Hoffman)
• taosecurity.blogspot.com (Richard Bejtlich)
• www.dhanjani.com (Nitesh Dhanjani)
• Check Anurag Agarwal’s Reflection Series

