Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this license, visit The OWASP Foundation OWASP AppSec Seattle Oct Java Project Status Rohyt Belani OWASP Java Project Lead Managing Director, MANDIANT

OWASP AppSec Seattle The Objective  To facilitate the building of secure Java and J2EE applications  Introduce Software Architects to security design and architectural considerations  Arm Java developers with the know-how to cover the spectrum of security issues during development, such as input validation, encryption, error handling, logging, etc.  Assist application deployers in reducing the attack surface of the application servers  Provide security testers information on security analysis tools and techniques

OWASP AppSec Seattle What have we achieved?  Started in June 2006  Led by Stephen De Vries & Rohyt Belani  Over 50 members subscribed to the project mailing list  11 articles  Several more articles in the works  Articles provide practical information supplemented with appropriate snippets of code

OWASP AppSec Seattle Our plan going forward…  Provide practical coverage on noteworthy frameworks like Struts, Hibernate, etc.  Complete work on the current list of articles in the next 6 months  Make this project the “one stop shop” for the security needs of Java developers We need your help to make this happen!

OWASP AppSec Seattle What you can do…  Provide suggestions on topics that you will like covered in addition to those currently outlined in the project roadmap  Initiate and participate in appropriate idea exchanges on the project mailing list  Contribute by writing articles or even pieces of larger articles Secure the world…function() by function()

OWASP AppSec Seattle For more information… Visit: Contact: Rohyt Belani: Stephen De Vries: