Post on 14-Jan-2016
description
Copyright © 2007 - The OWASP FoundationThis work is available under the Creative Commons SA 2.5 license
The OWASP Foundation
OWASPAppSec India Aug 2008
http://www.owasp.org
Tour of OWASP’s projects
Jason Li & Dinis Cruz (remotely)Jason.li@owasp.org , dinis.cruz@owasp.org
August 16, 2008
OWASP
OWASP Tools and Technology
2
OWASP
OWASP Body of Knowledge
Core Application Security
Knowledge Base
Acquiring andBuildingSecure
Applications
VerifyingApplication
Security
ManagingApplication
Security
ApplicationSecurity
Tools
AppSecEducation and
CBT
Research toSecure New
Technologies PrinciplesThreat Agents,
Attacks, Vulnerabilities, Impacts, and
Countermeasures
PrinciplesThreat Agents,
Attacks, Vulnerabilities, Impacts, and
CountermeasuresOWASP Foundation 501c3
OWASP Community Platform(wiki, forums, mailing lists)
Pro
jects
Ch
ap
ters
Ap
pS
ec C
on
fere
nces
Guide to Building Secure Web
Applications and Web Services
Guide to Building Secure Web
Applications and Web Services
Guide to Application
Security Testing and
Guide to Application
Security Code Review
Guide to Application
Security Testing and
Guide to Application
Security Code Review
Tools for Scanning, Testing,
Simulating, and Reporting Web
Application Security Issues
Tools for Scanning, Testing,
Simulating, and Reporting Web
Application Security Issues
Web Based Learning
Environment and Guide for Learning
Application Security
Web Based Learning
Environment and Guide for Learning
Application Security
Guidance and Tools for
Measuring and Managing
Application Security
Guidance and Tools for
Measuring and Managing
Application Security
Research Projects to
Figure Out How to Secure the Use of New
Technologies (like Ajax)
Research Projects to
Figure Out How to Secure the Use of New
Technologies (like Ajax)
Top level view
OWASP
There are a lot of OWASP projects
OWASP
OWASP projects by numbers
Total Projects: 88 (34 with SoC Grant)
Tools: 42 (16 with SoC 08 Grant)
Documentation: 32 (12 with SoC 08 Grant)
Technologies: 9 (2 with SoC 08 Grant)
Activities: 5 (4 with SoC 08 Grant)
OWASP
Documentation projects
OWASP
Activities, Technologies
OWASP
Tools
OWASP
SoC 08 projects – 126,000 USD in Grants
10 Projects you should know about
OWASP
1) OWASP Top 10 (Release Quality)
OWASP
OWASP
2) OWASP Testing Guide v2 (Release Quality)
OWASP
3) Legal Project (Release Quality)
OWASP
OWASP
4) Code Review (Beta Quality)
OWASP
Code review is currently under a SoC 08 grant
OWASP
5) EASPI (Beta Quality)
OWASP
6) ADSR (Beta Quality)
OWASP
7) Web Goat (Release Quality)
OWASP
8) OWASP Encoding Project (Beta/Release Quality)
OWASP
9) WebScarab (Release Quality)
OWASP
10) OotM - OWASP on the Move (Release)
OWASP
OotM Marketplace
OWASP
Questions and Answers