1. Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License. The OWASP Foundation OWASP http://www.owasp.org OWASP 2.0 Update Sebastien Deleersnyder CISSP, BE Chapter Leader Sep, 2006 sdl@ascure.com

2. OWASP 2 Agenda  Introduction  OWASP 2.0  Belgium Chapter  New OWASP Projects

3. OWASP 3 Agenda  Introduction  OWASP 2.0  Belgium Chapter  New OWASP Projects

4. OWASP 4  Sponsors this evening:  ING  Co-organized with ISSA  Call for additional sponsors  Chapter meeting places & catering  Support for local projects  OWASP cannot recommend the use of products, services, or recommend specific companies Introduction

5. OWASP 5 Program for this evening:  18h30 - 18h45: Sebastien Deleersnyder, BE Chapter Leader OWASP 2.0 Update  18h45 - 19h00: Toon Mordijck, ISSA ISSA Introduction  19h00 - 19h55: Serge Moreno, ING Business Application Security through Information Risk Management  19h55 - 20h05: Break  20h05 - 21h00: Guy Crets, Apogado Secure and Reliable Web Services

6. OWASP 6 Agenda  Introduction  OWASP 2.0  Belgium Chapter  New OWASP Projects

7. OWASP 7 OWASP 2.0  Open Web Application Security Project  OWASP 2.0 New Manifesto: Enabling organizations to develop, maintain, and purchase applications that they can trust  Non-profit, volunteer driven organization  All members are volunteers  All work is donated by sponsors  OWASP 2.0  MediaWiki driven: www.owasp.orgwww.owasp.org  New OWASP Director: Andrew Van der Stock

8. OWASP 8 OWASP?  Provide free resources to the community  Publications, Articles, Standards, e.g.  OWASP Top 10  OWASP Guide  Testing Guide  Testing and Training Software, e.g.  WebGoat  WebScarab .NET Projects  Local Chapters, Mailing Lists & Conferences  Dual license model:  Open Source Licenses  Commercial License for Members

9. OWASP 9 OWASP Membership  Using OWASP material?  Join us and become member!  Enable OWASP to continue to provide unbiased:  Tools  Documentation  Conferences  Mailing Lists  … www.owasp.org/about/membership.html

10. OWASP 10 Agenda  Introduction  OWASP 2.0  Belgium Chapter  New OWASP Projects

11. OWASP 11 Belgium Chapter - What do we have to offer?  Quarterly Meetings  Mailing List  Presentations & Groups  Open forum for discussion  Meet fellow InfoSec professionals  Create (Web)AppSec awareness in Belgium  Local projects?

12. OWASP 12 Belgium Chapter – House Rules  Free & open to everyone  Language  English preferred  Native language: no problem!  No vendor pitches or $ales presentations  Respect for different opinions  No flaming (including M$ bashing)  1 CISSP CPE for each hour of OWASP chapter meeting  Sign Sheet & I’ll e-mail scan: you claim CPE credits

13. OWASP 13 OWASP Local Chapter Meetings 2006  Next Meetings:  Tuesday Nov 21 2006 - Brussels  Program:  Short OWASP intro  Presentation on introduction topic  Panel, workshop, round-table, … on more advanced topic  Topics:  Call for input!

14. OWASP 14 Agenda  Introduction  OWASP 2.0  Belgium Chapter  New OWASP Projects

15. OWASP 15 New OWASP Projects  OWASP Autumn Of Code 2006  financially sponsoring contributions  focused on completing existent OWASP Projects  OWASP CLASP (Comprehensive, Lightweight Application Security Process) Project  OWASP AJAX Security Project

16. OWASP 16 Updating old favorites  OWASP Guide 3.0 PDF, book, and Wiki  Top 10 2007 Wiki Edition - need volunteers  Testing Guide 1.0 PDF and Wiki - need volunteers

17. OWASP 17 OWASP Conference  Next conference: OWASP AppSec Seattle 2006  Seattle, Washington, US  Training Day: October 16th  Main Conference: October 17-18  Keynote Michael Howard from Microsoft on "The Benefits of the SDL initiative to Microsoft and its Customers".

18. OWASP 18 That’s it…  Any Questions? http://www.owasp.org/index.php/Belgium sdl@ascure.com Thank you!

19. OWASP 19 Subscribe to BE Chapter mailing list  Keep up to date!  Post your (Web)AppSec questions  Contribute to discussions!