
1 Copyright © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
http://www.owasp.org
OWASP Projects Portal Launch!
Jason Li, Global Projects Committee
jason.li@owasp.org
AppSec USA 2011
About the

2 The Prologue
- OWASP Projects are:
- Open Source
- Freely Available
- Anyone Can Start
- Anyone Can Contribute
- Anyone Can Use
- Documentation, Tools, Code
- Hugely successful - over 140 projects!!

3 The Problem
OWASP AntiSamy Project; OWASP Application Security Verification Standard Project; OWASP Book Cover & Sleeve Design; OWASP Code Review Guide Project; OWASP Codes of Conduct; OWASP CSRFGuard Project; OWASP Development Guide Project; OWASP Enterprise Security API; OWASP ModSecurity Core Rule Set Project; OWASP Secure Coding Practices - Quick Reference Guide; OWASP Software Assurance Maturity Model (SAMM); OWASP Testing Guide Project; OWASP Top Ten Project; OWASP Web Testing Environment Project; OWASP WebGoat Project; OWASP Zed Attack Proxy; JBroFuzz; OWASP AIR Security Project; OWASP AppSec Tutorial Series; OWASP AppSensor Project; OWASP Broken Web Applications Project; OWASP Cloud-10 Project; OWASP CSRFTester Project; OWASP CTF Project; OWASP EnDe Project; OWASP Fiddler Addons for Security Testing Project; OWASP Forward Exploit Tool Project; OWASP Fuzzing Code Database; OWASP Hackademic Challenges Project; OWASP Hatkit Datafiddler Project; OWASP Hatkit Proxy Project; OWASP HTTP POST Tool; OWASP Java XML Templates Project; OWASP JavaScript Sandboxes Project; OWASP Joomla Vulnerability Scanner Project; OWASP LAPSE Project; OWASP Legal Project; OWASP Mantra Security Framework; OWASP Mutillidae Project; OWASP O2 Platform; OWASP Orizon Project; OWASP Podcast Project; OWASP Scrubbr; OWASP Secure Web Application Framework Manifesto; OWASP Security Assurance Testing of Virtual Worlds Project; OWASP SWAAT Project; OWASP Vicnum Project; OWASP Wapiti Project; OWASP Web Browser Testing System Project; OWASP WebScarab Project; OWASP Webslayer Project; OWASP WSFuzzer Project; OWASP Yasca Project; Virtual Patching Best Practices; OWASP Access Control Rules Tester Project; OWASP Application Security Metrics Project; OWASP AppSec FAQ Project; OWASP ASDR Project; OWASP Backend Security Project; OWASP Best Practices: Use of Web Application Firewalls; OWASP CAL9000 Project; OWASP CLASP Project; OWASP CodeCrawler Project; OWASP Content Validation using Java Annotations Project; OWASP DirBuster Project; OWASP Encoding Project; OWASP Google Hacking Project; OWASP Insecure Web App Project; OWASP Interceptor Project; OWASP JSP Testing Tool Project; OWASP LiveCD Education Project; OWASP Logging Guide; OWASP NetBouncer Project; OWASP Open Review Project; OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project; OWASP OpenSign Server Project; OWASP Pantera Web Assessment Studio Project; OWASP PHP Project; OWASP Report Generator; OWASP Ruby on Rails Security Guide V2; OWASP Scholastic Application Security Assessment Project; OWASP Security Analysis of Core J2EE Design Patterns Project; OWASP Security Spending Benchmarks Project; OWASP Site Generator Project; OWASP Skavenger Project; OWASP Source Code Flaws Top 10 Project; OWASP Source Code Review for OWASP-Projects Project; OWASP Sprajax Project; OWASP Sqlibench Project; OWASP sqliX Project; OWASP Stinger Project; OWASP Teachable Static Analysis Workbench Project; OWASP Tiger; OWASP Tools Project; OWASP Uniform Reporting Guidelines; OWASP Validation Project; OWASP Webekci Project; OWASP Common Numbering Project; OWASP Application Security Requirements Project; OWASP Favicon Database Project; OPA; OWASP Academy Portal Project; OWASP AJAX Security Project; OWASP Alchemist Project; OWASP Application Security Assessment Standards Project; OWASP Application Security Program for Managers; OWASP Application Security Skills Assessment; OWASP ASIDE Project; OWASP Browser Security ACID Test Project; OWASP Browser Security Project; OWASP Computer Based Training Project (OWASP CBT Project); OWASP Enterprise Application Security Project; OWASP ESOP Framework; OWASP Exams Project; OWASP GoatDroid Project; OWASP iGoat Project; OWASP Java Encoder Project; OWASP Java HTML Sanitizer Project; OWASP Mobile Security Project; OWASP Myth Breakers Project; OWASP Project Partnership Model; OWASP Proxy Project; OWASP Request For Proposal; OWASP Secure Password Project; OWASP Secure the Flag Project; OWASP Security Baseline Project; OWASP Security Ecosystems Project; OWASP Software Security Assurance Process; OWASP Threat Modeling Project; OWASP WhatTheFuzz Project; OWASP Web Application Security Accessibility Project; OWASP ESAPI C++ Project; OWASP ESAPI C Project; OWASP Data Exchange Format Project; OWASP Cheat Sheets Project; OWASP Security Tools for Developers Project; OWASP SIMBA Project; OWASP VFW Project

4 The Vision
- Provide a way to enable:
- Consumers to find projects of value and relevance
- Community members to provide feedback to leaders
- Contributors to be recognized for work
- GPC to support and promote projects
Find, Feedback, Fame, Foundation

5 The Path
- Partnered w/ Geeknet (creators of SourceForge)
- OWASP Neighborhood to house metadata about projects
- SourceForge infrastructure will be available to OWASP Projects

6 The Reason
- Summary Page (Enables users to find projects of value and relevance)
- Reviews feature (Enables community members to provide feedback to leaders)
- Tracking / Plugins (Enables contributors to be recognized for work)
- Metadata Repository (GPC to support and promote projects)

7 The Cool Stuff
- Incubator, Labs, Flagship, Archive
- Enables users to distinguish developing projects from mature ones
- Entirely Community Driven
- Open review system drives:
- Elevation process
- Benefits for projects (e.g. graphic design, code signing, etc.)
- Promotion and visibility

8 The Timeline
Launch Day! September 2011

9 The Timeline
- September 23rd, 2011 (AppSec USA)
- Call for volunteers (five projects so far!)
- January 1st 2012 (New Year's)
- Current projects inventory metadata migrated
- First batch of volunteer projects go live
- July 13th, 2012 (AppSec EU)
- All new projects go automatically through portal
- General Availability

10 The End

