OWASP Events and Initiatives Overview
Explore a comprehensive overview of various OWASP events and initiatives, including past conferences, testing guides, proactive controls, AppSensor, dependency checker, WebGoat, cyber security week, and more. Get insights into key dates, program tracks, website references, and resources related to cybersecurity best practices. Dive into the top ten risks and proactive controls highlighted in the cybersecurity landscape.
Presentation Transcript
OWASP Cambridge, 2nd December 2014
Past AppSec Conferences
AppSec EU 2014, 23-26 June, Cambridge UK
  https://2014.appsec.eu/
  https://www.youtube.com/playlist?list=PLpr-xdpM8wG_KHsxepT9o6trkqDELhr3_
AppSec USA 2014, 16-19 September, Denver USA
  http://2014.appsecusa.org/2014/
  http://2014.appsecusa.org/2014/about/live-streaming/
  https://www.youtube.com/playlist?list=PLpr-xdpM8wG8jz9QpzQeLeB0914Ysq-Cl
Testing Guide: Version 4, 17th September 2014, https://www.owasp.org/index.php/OWASP_Testing_Project
Proactive Controls: Version 1, 10th March 2014, https://www.owasp.org/index.php/OWASP_Proactive_Controls
AppSensor
  Website, 11th September 2014: http://www.appsensor.org/
  Reference implementation, 13th September 2014, v2.0.0 beta: https://github.com/jtmelton/appsensor/releases/tag/v2.0.0-beta
Dependency Checker: Version 1.2.6, 17th November 2014, http://jeremylong.github.io/DependencyCheck/
Web Goat: Version 6.0, 12th September 2014, http://webgoat.github.io/
Cyber Security Week, 26-30 January 2015
  OWASP London Cyber Security Week
  Workshops, talks and hackathon
  Startup focus
  Free to all
  Held at Google and UCL
AppSec EU 2015
  Envisioned program
  4 applied talk tracks: Builder, Breaker, Defender, CISO
  1 research track
  19-22 May 2015
  Amsterdam RAI, The Netherlands
Something Different
Top Ten Risks
  1. Injection
  2. Broken Authentication and Session Management
  3. Cross-Site Scripting (XSS)
  4. Insecure Direct Object References
  5. Security Misconfiguration
  6. Sensitive Data Exposure
  7. Missing Function Level Access Control
  8. Cross-Site Request Forgery (CSRF)
  9. Using Components with Known Vulnerabilities
  10. Unvalidated Redirects and Forwards
Top Ten Proactive Controls
  1. Parameterize Queries
  2. Encode Data
  3. Validate All Inputs
  4. Implement Appropriate Access Controls
  5. Establish Identity and Authentication Controls
  6. Protect Data and Privacy
  7. Implement Logging, Error Handling and Intrusion Detection
  8. Leverage Security Features of Frameworks and Security Libraries
  9. Include Security-Specific Requirements
  10. Design and Architect Security In
Print Your Own
  Adobe PDF
  A2 print quality
  Web Applications: DE, EN, ES, FR, JA, ZH
  Adobe Illustrator Source
  Mobile Apps: EN, JA