CISO Survey and later the CISO Report on Application and Information Security trends. Also providing input and data for the CISO guide. Please contact Tobias Gondrom if you wish to contribute to the project.
OWASP Application Security Guide for CISOs Project
The purpose of this document is to guide the CISO in managing application security from initial problem statement to delivery of the solution. We start this journey with the creation of the business cases for investing in application security following with the awareness of threats targeting applications, the identification of the economical impacts, the determination of a risk mitigation strategy, the prioritization of the mitigation of the risk of vulnerabilities, the selection of security control measures to mitigate risks, the adoption of secure software development processes and maturity models and we conclude this journey with the selection of metrics for reporting and managing application security risk. Please contact Marco Morana if you wish to contribute to the project.
OWASP O-Saft Project
This tools lists information about remote target's SSL certificate and tests the remote target's SSL connection according given list of ciphers and various SSL configurations. Please contact Achim Hoffmann if you wish to contribute to the project.
OWASP has made tremendous strides over the past decade and we're looking forward to an exciting 2013. As we all see in news nearly every day technology is playing an increasing role in every aspect of our lives. Unfortunately, in many situations failures in application security are placing users and data at risk. As we continue to foster technology growth and further integration with web applications the security of our systems will dictate the success or failure of many initiatives. Let's leverage security as an enable to safely drive technology into new and expanded roles throughout the world.
Join us in 2013 to build the OWASP community. Join your local chapter, contribute to a project or join us at a conference or on our mailing list to discuss issues on your mind. OWASP is a platform to make application security risks visible, encourage research, and increase knowledge sharing. We're looking forward to a great year and hope you can join us to continue advancing OWASP and the field of application security.
The initial 2013 Global Webinars will be held January 10th, 2013. Two meetings will be held to accommodate different time zone challenges.
To participate in the 9am (Eastern Time Zone) discussion:
To participate in the 9pm (Eastern Time Zone) discussion:
Registration is Now OPEN The OWASP South Korea chapterwill host the OWASP AppSec APAC 2013 conference in Jeju, South Korea at the Hyatt Regency Jeju. The event will be composed of 2 days of training (February 19-20), followed by 2 days of conference talks (February 21-22).
Chapter Leader Workshop
Sign up for the chapter leader workshop taking place on Wednesday evening, February 20th from 6:30 to 9:30 pm. The Chapter Leader Workshop will continue to follow the Q & A format used during AppSec USA and AppSec LATAM. Questions and discussion will focus on sections of the Chapter Leader Handbook, OWASP Global Chapter resources, and local chapter challenges. Dinner will be provided for workshop participants. To confirm your participation in the event, register for the conference and be sure to select "Chapter Leader Workshop" as an optional registration item.
Training Classes have now been posted to the website. See below for a sneak peek at some of our class offerings. Please visit the Appsec APAC 2013 website for the complete list.
Congratulations to the Italy Chapter for hosting the 2012 "Italy Day" This event drew over 210 attendees an an impressive list of speakers. For more information, including slides and videos, CLICK HERE