Presentation is loading. Please wait.

Presentation is loading. Please wait.

OWASP Web Services Project

Published byRodney Tyler Modified over 6 years ago

Similar presentations

Presentation on theme: "OWASP Web Services Project"— Presentation transcript:

1 OWASP Web Services Project
How OWASP can become the leading destination for “Web Service Application Security” Alex Smolen OWASP So Cal Chapter

2 What are web services? Web applications vs. web services Examples of web services Why web services?

3 Web Service Security Transport Layer Message Layer Application Layer
SSL Message Layer WS-Security XML Encryption, XML Signature, SAML,… WS-* Application Layer OWASP Top Ten +

4 Additional Application Threats to Web Services
Parser Attacks XML Bombs External Entities Backend Attacks XPath, XQuery XML Injection Logical Attacks

5 Web Service Security Resources
OASIS Microsoft, IBM, Sun, etc… Books, blogs, articles Why OWASP?

6 Current Projects WebGoat 3.7 OWASP Guide OWASP Testing Guide

7 Additional Ideas WebScarab Web service security landing page FAQ Tools for web service developers (?)

8 How You Can Help Learn about Web Service Security Join OWASP Web Services Mailing List Work on OWASP Web Services Project Charter Contribute to OWASP Web Services Projects Contact me

Download ppt "OWASP Web Services Project"

Similar presentations

Web Service Composition Prepared by Robert Ma February 5, 2007.

Web Service Composition Prepared by Robert Ma February 5, 2007.
Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!

Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Hands on Demonstration for Testing Security in Web Applications

Hands on Demonstration for Testing Security in Web Applications
0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.

0 Web Service Security JongSu Bae. 1  Introduction 2. Web Service Security 3. Web Service Security Mechanism 4. Tool Support 5. Q&A  Contents.
E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.

E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
WS-Security TC Christopher Kaler Kelvin Lawrence.

WS-Security TC Christopher Kaler Kelvin Lawrence.
Copyright © 2009 - The OWASP Foundation This work is available under the Creative Commons SA 3.0 license The OWASP Foundation OWASP

Copyright © The OWASP Foundation This work is available under the Creative Commons SA 3.0 license The OWASP Foundation OWASP
Secure Web Services Akylbek Zhumabayev Rochester Institute of Technologies.

Secure Web Services Akylbek Zhumabayev Rochester Institute of Technologies.
Web services security I

Web services security I
What is OWASP OWASP Live CD Live Demo Omar Sherin-OWASP Egypt.

What is OWASP OWASP Live CD Live Demo Omar Sherin-OWASP Egypt.
Is Your Website Hackable? Check with Acunetix Web Vulnerability Scanner. Acunetix Web Vulnerability Scanner V9.

Is Your Website Hackable? Check with Acunetix Web Vulnerability Scanner. Acunetix Web Vulnerability Scanner V9.
OWASP Website Workshop 5 th November 2008. OBJECTIVES Brainstorming, outlining high-level goals for the site. Defining the audience, setting the tone

OWASP Website Workshop 5 th November OBJECTIVES Brainstorming, outlining high-level goals for the site. Defining the audience, setting the "tone"
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
The OWASP Foundation OWASP The Open Web Application Security Project Join the application security community for free, unbiased, open.

The OWASP Foundation OWASP The Open Web Application Security Project Join the application security community for free, unbiased, open.
Ryan Dewhurst - 20th March 2012 Web Application (PHP) Security.

Ryan Dewhurst - 20th March 2012 Web Application (PHP) Security.
Copyright © 2008 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.

WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Similar presentations

Ads by Google