OWASP Connector Nov 2016


The OWASP Foundation

Dec 5, 2016, 12:48:12 PM
to owasp-venezuela...@googlegroups.com
OWASP Global Connector

December 5, 2016 | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation

Communications

OWASP is Searching for our 2018 Global AppSec Locations!

Your 2017 Board Has Been Elected

OWASP in the News

OWASP Podcasts

projects

New Project Releases

Corralling the Vulnerability Chaos; With Live Demo

Conference

Global AppSec Events

Local and Regional Events

Partner and Promotional Events

chapters

Chapter Activities

membership

New and Renewing Corporate Members

Social Media

OWASP Foundation Social Media


Communications

OWASP is Searching for our 2018 Global AppSec Locations!

OWASP encourages any community member interested in hosting an OWASP Global Conference to submit a proposal.

  • Asia Pacific (this may be formatted as an Asia Tour instead)
  • Europe
  • Latin America (this may be a Latam Tour instead)
  • North America

To bid for a 2018 OWASP Global AppSec, please complete the OCMS form http://www.tfaforms.com/301382 with the following information before February 28th, 2017.

  1. The proposed city and host chapter.
  2. The name of the intended local organizer and team committed to the task for 2018, along with a brief explanation of why the conference committee wants to organize an OWASP Global AppSec.
  3. Previous conferences or local/regional events experience of the conference committee.
  4. The intended dates for the conference. (Typically includes two or three days of pre-conference training, followed by two days of conference talks).
  5. Venue recommendations. If possible, assurance that the following will be available:
    • Green room, storage room, breakout rooms, etc.
    • A large auditorium. Other lecture rooms near the main auditorium.
    • Projection facilities in all rooms up to modern standards.
    • A suitable mixing space near the rooms for registration, breaks and other activities.
    • A hall near the rooms for sponsor exhibitions.
    • If possible, attach a tentative floor plan design.
  6. Budget. Please use the form on Google Docs https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhOGWXgQrDnddE9nZnh1UEZzUHJ2cl85R2hVd2IxRGc&usp=drive_web#gid=0 (Since many of the categories of expenses are optional, consider this a checklist. You can add as many items as you want and you do not need to fill in every box if you do not want it to be included in your event.)
  7. Possible "big name" speakers in AppSec who might be plenary speakers.
  8. Any other relevant information.

By submitting an application, you are already demonstrating your commitment to OWASP. Hosting a conference requires both a commitment and a great deal of responsibility. A lot of time, energy and effort are needed during the proposing, planning and implementing phases of hosting a conference. For more information see the How to Host a Conference page.

Should you have any questions concerning the proposal process or need assistance with your application, please do not hesitate to contact our Global Conference Manager Laura Grau.

Application submissions are currently open and will remain open until February 28th, 2017. Applicants will be notified by March 31st, 2017.



Your 2017 Board Has Been Elected

Thank you to everyone who voted in the 2017 Board of Directors election; your choice of representation matters. The OWASP Board consists of seven volunteers elected on alternating years to serve a two-year term. These unpaid volunteers dedicate themselves to the organizational mission and play a pivotal role in the software security community. Members of the Global Board of Directors are responsible for setting the strategic direction of the organization and ensuring the financial integrity of the Foundation.

Our thanks to everyone who stood for the board this year; your willingness to take on time-consuming duties to further OWASP's mission is greatly appreciated. OWASP is lucky to have such talented and active volunteers and we look forward to continuing to work with you.

We are glad to announce that our new board members are:

Andrew J van der Stock, Matt Konda, Johanna Curiel

Check out the OWASP Blog for the full results.



OWASP in the NEWS!

Breaking Through At AppSecUSA 2016 - Information Security Buzz 11/23/2016

Alleged Adult Website Breach May Affect 412 Million Accounts - Bank InfoSecurity 11/14/2016

Companies in Saudi Arabia must look to the future for opportunities - Saudi Gazette 11/10/2016

AppSec California Announces Key Notes - PR Rocket 11/2/2016



OWASP Podcasts

OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes.

AppSec USA an Update on the WebGoat Project


projects

New Project Releases

OWASP Automated Threat Handbook

Tin Zaw and Colin Watson announce version 1.1 of OWASP Automated Threat Handbook. The handbook is a product of OWASP Automated Threats to Web Application project.

Key updates in this version are the enumeration of countermeasure classes, the application of countermeasures to specific threats, and more examples of symptoms for each threat.

You may purchase a hard copy on Lulu Press or download the PDF for free.

Feedback and comments for v1.2 are welcome via mailing list and email.

 

OWASP Core Rule Set

Chaim Sanders and the Core Rule Set team are proud to announce OWASP Core Rule Set (CRS) Version 3.0.0 (stable). OWASP CRS is a set of generic rules similar to the OWASP Top 10, designed to protect users against threats. The rule set is most often deployed in conjunction with an existing Web Application Firewall like ModSecurity.

This latest version features many changes that help make CRS a valuable part of a Defense in Depth strategy for protecting your web application, including:

  • Improved and More Precise Detection Coverage
  • 90-95% Reduced False Positives and the Introduction of Paranoia Levels
  • Anomaly Scoring Mode by Default
  • Simplified User Experience
  • New Remote Code Execution Rules
  • Improved Layout, Documentation, and Testing

To download a copy or to submit any issue, please visit our GitHub. If you are seeking additional information about the release, please check out the accompanying blog post. The OWASP CRS team is truly excited and pleased with this release; there are even rumors this new rule set is being made into a movie.



Corralling the Vulnerability Chaos; With Live Demo

Four short years ago, I spent 35% of my time actually hacking on products and 65% of my time writing reports and recording metrics. Our team tried a multitude of tools to make our lives easier, but it seemed to only increase our turnover rates. The landscape of security has never been harder to manage with the numerous hoops engineers and penetration testers have to jump through to actually do their job. The frustration and lack of options led to DefectDojo, a free and open-source vulnerability management tool.

DefectDojo is meant to be a tool that not only stores findings, but also helps to streamline your entire application security program. It simplifies vulnerability management by offering templating, report generation, metrics, scanner finding deduplication, and baseline self-service tools to allow engineers and penetration testers to spend their time on their actual expertise, hacking. Comprehensive details on all of DefectDojo’s features can be found on our official docs.

Learn more including sample reports and live demo at the OWASP Blog.


Conference

Global AppSec Events

AppSec Europe 2017  May 8 - 12, 2017, Belfast, UK

AppSec USA 2017   September 19 - 22, 2017, Orlando, Florida, USA



Regional and Local Events

AppSec Rio de la Plata 2016  December 1 - 2, 2016, Rio de la Plata, Uruguay

AppSec Cali 2017  January 23 - 25, 2017, Santa Monica, CA, USA

AppSec Africa 2017  February 1 - 2, 2017, Marrakech, Morocco

SnowFROC 2017  March 16, 2017, Denver, CO, USA

Latam Tour 2017  April 3 - 28, 2017, South America

OWASP Middle East Cyber Security Conference 2017  May 3 - 4, 2017, Dubai, UAE



Partner and Promotional Events

(ISC)2 Secure London   December 6, 2016   London   OWASP members save 10% by using discount code: ISC2LONOWASP

Infosecurity Boston Conference   December 6-7, 2016  Boston, MA

(ISC)2 Secure Croatia   December 15, 2016   Croatia   OWASP members save 10% by using discount code: ISCEEWASP

IoT Tech Expo Global 2017 January 23-24, 2017   Olympia, London   OWASP members save 20% by using discount code: OWASP20

Cyber Resilience & InfoSec 2017  February 6-7, 2017   Abu Dhabi, U.A.E.

SC Congress London   February 23, 2017   London, UK

CyberCentral   April 4-6, 2017   Prague, Czech Republic

QuBit Conference 2017   April 4-6, 2017   Prague, Czech Republic   OWASP members save 10% by using discount code: QB17OWASP

SC Congress New York   May 2, 2017   New York, NY

Techno Security & Digital Forensics Conference  June 4-7, 2017   Myrtle Beach, SC

SC Congress Toronto   June 13-14, 2017   Toronto, Canada


Ads are not endorsements and reflect the messages of the advertiser only. They represent co-marketing arrangements
with other organizations in support of the OWASP Community. CLICK HERE for more information on advertising.
Netsparker Checkmarx Rapid7

chapters

Notable Chapter Activity

OWASP-Jaipur conducted an On The Go Web Application Security Meetup for college students at Amity University Jaipur, Rajasthan, to increase awareness of web application security among college-level students. This one-day event garnered 92 student attendees.

There are many future sessions and meetups planned. 

Share Your Stories!

We at the OWASP Global Foundation are looking forward to hearing about more such events in future. Share your chapter's successes! Submit your stories to sup...@owasp.org

OWASP Membership is a great way to contribute to our local chapters and projects. A portion of your membership can be allocated to the chapter and/or project of your choice. Please show your support for OWASP Projects and Chapters by becoming an Individual or Corporate member today!


Membership

We would like to thank the following companies for supporting the OWASP Foundation. The companies listed below have contributed this month by either renewing their existing Corporate Membership or joining OWASP as a new Corporate Member. Details about Corporate Membership can be found here.

 

Premier Corporate Member

 

Fortify is the only solution that secures and protects code throughout the entire development lifecycle of any type of software—from development to testing, release to production and every iteration in between. Fortify static, dynamic, interactive, and runtime security testing technologies are available on demand or through several licensing models, offering organizations the flexibility needed to build an end-to-end software security assurance program. To learn more, please visit: http://www8.hp.com/us/en/software-solutions/application-security/index.html

 

 

 

Contributor Corporate Members

 

For more information, please visit: https://www.smartrac-group.com/

 

 

 

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software quality and security solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest quality and security, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

 

 

 

 

 

 

 

Verizon Digital Media Services is the industry’s only single, end-to-end digital media platform that can prepare, deliver, display and enable the monetization of online content. The platform is built on the world’s largest, most connected network, and has over 90 points of presence on five continents, ensuring high-quality viewing of digital content on any device, anytime, anywhere. The company provides the foundational components in the websites, apps and OTT video services for many of the world’s largest publishers, media companies and enterprises. Verizon Digital Media Services is part of AOL Inc. Learn more about how Verizon Digital Media Services continues to change the way the world watches at www.verizondigitalmedia.com.

 

 

 

Want your name here? Find out how by visiting our Corporate Member information page, or contact Kelly Santalucia today!  Thanks to all of our Premier and Contributor Corporate Members for your support in 2016!


Social Media

OWASP Social Media Sites





The OWASP Foundation
1200-C Agora Drive
#232
Bel Air, Maryland 21014
US
