Published by Shon Robinson. Modified over 9 years ago.
1
Chapter Briefing: OWASP Summit & AppSec DC 2009
Ralph Durkee, Rochester OWASP VP
The OWASP Foundation
http://www.owasp.org
Copyright © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
2
Rochester OWASP Leadership
Changes for our Chapter
  Andrea Cogliati replaces Ralph Durkee as President
  Ralph Durkee is now serving as Vice President
Reasons for Change
  Prevent overload for Ralph
  Ralph founded Rochester chapter in 2004; time for new leadership
  Andrea has already been heavily involved in leading the Chapter and attended the 2008 Summit
3
OWASP Summit 2009
Wash. DC, Nov 11th
Meeting of OWASP Leadership
  Board
  Global Committee Members
  Chapter Leaders
  OWASP Members
Review 2009 & decide directions for 2010
2nd Summit; 1st was Nov 2008 in Portugal
4
Agenda
  Opening Remarks
  Accomplishments since 2008
  Membership & Board Candidates
  Presentation and Q&A by each committee
5
OWASP Board
Board Members (original):
  Jeff Williams
  Dinis Cruz
  Dave Wichers
  Tom Brennan
  Sebastien Deleersnyder
Board Members (added Nov 2009):
  Eoin Keary
  Matt Tesauro
6
OWASP Global Committees
Global Committees:
  Membership Committee
  Project Committee
  Chapter Committee
  Conferences Committee
  Education Committee
  Industry Committee
  Connections Committee
7
OWASP Summit Highlights
  Each committee presented, followed by plenty of Q&A, discussion and debate
  Size of the OWASP Board increased to 7
  Board candidates presented and held Q&A
  Lively debate on OWASP Certification
  Plenty of encouragement to increase involvement in committees and projects
  Great networking with other OWASP Leaders
8
DC AppSec 2009 Highlights
Jeff Williams spoke briefly on the state of Software Security
  Broken market? - cited “The Market for Lemons” by George Akerlof
  If buyers can’t see the difference, then only lemons will be sold.
  Need radical innovative ideas to fix the market.
  Not going to “hack our way secure”.
  The OWASP mission is to make application security visible.
9
DC AppSec 2009 Highlights 2
OWASP ESAPI Web Application Firewall ???
  ESAPI is Enterprise Security API
  How does ESAPI become a Web App Firewall?
  Virtual patching - API provides wrappers for vulnerable calls to provide security
  Add flags, headers, authentication calls etc.
  ESAPI has better coverage of the vulnerabilities than most WAFs
  Better performance and intelligence at the application layer
  Very affordable since it’s free
10
DC AppSec 2009 Highlights 3
2010 OWASP Top 10 RC announced
  Dave Wichers presented
  Slides and video are on-line
More Information
  Slides and videos of some presentations were recently put on-line (video was lost and recovered)
  http://www.owasp.org/index.php/OWASP_AppSec_DC_2009_Schedule#tab=Talks_11.2F12
  NoScript users - need to have JavaScript enabled from yahooapis.com for the tabs to work.
11
That’s it…
Any questions or comments?
Presentation will be online:
Thank you!