
OWASP & What It Can Do For You:
Tour of OWASP’s projects
Cecil Su
cecil.su@owasp.org

1st July 2010

OWASP
AppSec India
Aug 2008 Copyright © 2007 - The OWASP Foundation
This work is available under the Creative Commons SA 2.5 license

The OWASP Foundation


http://www.owasp.org
My Involvement with OWASP

Started playing with WebGoat in 2003


Contributed to the OWASP Testing Guide v3.0
Elected to the Global Education Board in 2008
Organized translation works for Asian Languages (B.Malaysia, Vietnamese, Korean, Japanese and Chinese [simplified and traditional])
Spreading awareness for secure coding practices in OWASP Chapters and IHLs

OWASP Tools and Technology

OWASP Body of Knowledge

[Diagram; its boxes read as follows]

Core Application Security Knowledge Base: Principles, Threat Agents, Attacks, Vulnerabilities, Impacts, and Countermeasures
Acquiring and Building Secure Applications: Guide to Building Secure Web Applications and Web Services
Verifying Application Security: Guide to Application Security Testing and Guide to Application Security Code Review
Managing Application Security: Guidance and Tools for Measuring and Managing Application Security
Application Security Tools: Tools for Scanning, Testing, Simulating, and Reporting Web Application Security Issues
AppSec Education and CBT: Web Based Learning Environment and Guide for Learning Application Security
Research to Secure New Technologies: Research Projects to Figure Out How to Secure the Use of New Technologies (like Ajax)
Projects, Chapters, AppSec Conferences
OWASP Community Platform (wiki, forums, mailing lists)
OWASP Foundation 501c3
Top level view
There are a lot of OWASP projects

OWASP projects by numbers

Total Projects: 88 (34 with SoC Grant)

Tools: 42 (16 with SoC 08 Grant)


Documentation: 32 (12 with SoC 08 Grant)
Technologies: 9 (2 with SoC 08 Grant)
Activities: 5 (4 with SoC 08 Grant)

Documentation projects

Activities, Technologies

Tools

SoC 09 projects – 126,000 USD in Grants

10 Projects you should know about
1) OWASP Top 10 (Release Quality)

2) OWASP Testing Guide v3 (Release Quality)

3) Legal Project (Release Quality)

4) Code Review (Beta Quality)

Code review is currently under a SoC 09 grant

5) ESAPI (Beta Quality)

6) ADSR (Beta Quality)

7) WebGoat (Release Quality)

8) OWASP Encoding Project (Beta/Release Quality)

9) WebScarab (Release Quality)

10) OotM - OWASP on the Move (Release)

OotM Marketplace

Questions and Answers
