March 17, 2015 || www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
|
|
|
Where do we go from here - OWASP releasing strategic goals for 2015!by Tobias Gondrum, Chairman of the BoardOver the last years OWASP has grown and further followed our successful path improving Web and Application Security around the world. Today, our organization is in great shape and we are building up to what is promising to become a fantastic year 2015 for OWASP! In the previous years we frequently set strategic goals to focus our global activities and to further our mission in specific and measurable ways. It is important to note that these goals are by no means a view to limit our community activity on only these goals. But rather the goals are to inspire new actions in addition to our already many ongoing great activities and to focus some of our efforts where we see great potential for OWASP and our mission to make application security more visible around the world. This year we wanted to include more community feedback into these goals. In January, we sent out a survey to the OWASP Community asking for your thoughts on our strategic goals for 2015. And we received an amazing high turnout and feedback from over 1,100 people responding to our survey. Thank you all for that! Your feedback was extremely valuable and greatly appreciated! It guided our priorities in 2015 and beyond. And we also received a lot of messages from volunteers in the survey who want to join some of the activities on these goals. Don't worry we will get back to you on this, now. Today we proudly release the following three strategic goals for 2015:
For More details on these goals and some of the actions we plan to do to achieve them, please take a look at our WIKI PAGE Over the recent months and years, we already see amazing new chapter activities, project work and a lot of people from the community joining as volunteers and leaders. We are an open community organisation, and every activity is driven by you, our thousands of volunteers, members and leaders around the world. So if you have an idea how to contribute to the goals above (or any other exciting OWASP activity), we like to hear from you. If you like to join one of our many activities, please let us know, join the community list (owasp-community@lists.owasp.org, free to join for everyone) and post your interest or idea there to find other interested people to join you, or write to our community manager Noreen Whysel.
We want you to get involved! YOU are OWASP - OWASP needs YOU! With that, I wish all of us an amazing and exciting time ahead. Tobias Gondrom, Chairman of the Board |
|
OWASP Adrenaline2014 OWASP Annual Report Call for ContentThe OWASP Foundation is looking for exciting and illustrative success stories from YOU, the community for inclusion in our 2014 Annual Report. This years theme is simply: Growing, Learning, Sharing, Leading. Tell us how you and your team worked to spread the OWASP mission [link to mission statement] in 2014. Here are some ideas but feel free to be creative!
Submit your content - articles, pictures, ideas [here] by April 14, 2015. This is your opportunity to share with the world why you participate. We want everyone to contribute! Everyone’s story is important to the Foundation. Become globally famous by submitting your picture and/or brief bio so we can be sure to give you credit for your contribution. Of course, you may also request to remain anonymous if you prefer. |
|
OWASP and 2015 LATAM Tour represented on Mundo Hacker TVOWASP was represented on Mundo Hacker TV by Fabio Cerullo CLICK HERE to watch the entire interview. |
|
|
|
|
New Corporate MembersRenewed Corporate Members |
|
|
|
|
OWASP AppSec EU UpdatesThe Keynotes have been published and the program is taking shape!
Tuesday 19th May, 2015 Wednesday 20th May, 2015 Thursday and Friday 21st and 22nd May, 2015 Conference Days including: Keynotes, CISO, DEV, Hack, Ops, and Research talks, HackPra Allstars, Hands on sessions, and more ... OWASP is soliciting training providers for the AppSec USA Conference. Please submit via this Google Form. Submission Deadline is April 15, 2015
We are interested in all topics related to Web Application Security and OWASP, in particular, but not limited to (these are just examples): More information on the Call for Training can be found HERE Join us for the first OWASP SAMM Project Summit in Dublin March 27-28. Friday is User Day covering talks, training, and round tables followed by a social event. Saturday is Project Day covering the release of version 1.1, workshops, and roadmap discussions Participate and steer one of our great flagship projects to the next level! Details and registration can be found HERE. Follow us on twitter @OwaspSAMM Info Security Indonesia Conference (March 24, 2015) Jakarta, Indonesia BlackHat Asia 2015 (March 24-27, 2015) Singapore. OWASP members receive $200 off briefings using code BRow200. (ISC)2 SecureIreland Conference 2015 (March 31, 2015) Dublin Ireland. OWASP Members receive 20% off general event fees. Discount code OWASPISSCIRE Cyber Security Summit Europe - Financial Sector (April 14-15, 2015) Prague, Czech Republic. OWASP Members receive 20% off general event fees. Discount code CSSOW AppsWorld Germany 2015 (April 22-23, 2015) Berlin, Germany AppsWorld North America 2015 (May 12-13, 2015) San Francisco, CA SANS CyberTalent Fair (May 14-15, 2015) Virtual, online International Conference on Cyber Security (ICCS) (May 16-17, 2015) City of Redlands, CA. OWASP members receive 25% off the general event fee. Discount code ICCSOWASP Cloud Security World 2015 (May 19-21, 2015) New Orleans, LA..OWASP members receive a 25% discount off standard event fee. Discount code CLD15-OWASP Hack In the Box (May 26-29, 2015) OWASP members receive 20% off by using discount code OWASP-HITB2015AMS SC Congress Toronto (June 10 - 12, 2015) Toronto, Canada. Register with your @owasp email address and receive a discount. EuroPython 2015 (July 20-26, 2015) Bilbao, Spain Info Security Malaysia Conference (August 6, 2015) Kuala, Lumpur |
|
|
|
|
|
|
|
OWASP Chapters
|
New ChaptersSouthern New Hampshire - Chapter Leaders - James Burroughs and Edmond Holohan Knoxville, TN - Chapter Leader - Daniel Harvey Bihar, India - Chapter Leader - Nishant Northern Sweden - Chapter Leaders - Markus Örebrand and Magnus Hultdin Chapter TransitionsGuatemala - New Chapter Leaders - Pablo Barrera and Camilo Fernandez Busan, Korea - Chapter Leaders - Jang-Goon Sohn (Treasurer), Park Chang-Hyun, and Jang Byeong-jo Share your chapter's successes! Submit your stories here |
|
|
|
|
OWASP Dependency-Track 1.0.0 ReleasedDependency-Track is a webapp that allows organizations to document the use of third-party components across multiple applications and versions. Further, it provides automatic visibility into the use of components with known vulnerabilities. Dependency-Track compliments the wildly successful and highly useful Dependency-Check project by embedding its core engine and fulfilling additional use cases. It's another tool to combat the A9 problem. You can get more information about the project and the release HERE OWASP Vicnum Project UpdatedThe OWASP Vicnum Project has been updated to include a vulnerable XXE VM at http://xxe.sourceforge.net/ This VM was used in recent CTF events including the Breaking Bad challenge event at AppSec USA 2013 in NYC. As with other vulnerable or broken apps, the basic goal of the project is to:
OWASP Dependency Check 1.2.9 releasedThe OWASP Dependency-check team is pleased to announce the release of 1.2.9! This release contains general maintenance, upgrading dependent libraries, minor bug fixes, etc. Please visit the documentation site for information on obtaining the new version (CLI, Maven Plugin, Ant, Task, Jenkins Plugin) The changes of note are:
We continue to get help from the github community! This release includes PRs from Ahmet Kiyak and Hans Joachim Desserud. Thanks for all your help! OWASP CISO Guide Translated into SpanishYou can reference it OWASP Vicnum ProjectHERE. | |
|
|
|
OWASP Social Media Sites |
|
|
|
|