[Owasp-netherlands] An update on OWASP activities
Seba
seba at owasp.org
Thu Nov 11 04:33:42 EST 2010
Hi,
OWASP update: we had a LOT of activities on OWASP projects lately.
See below.
If you want to get involved: just volunteer to Paulo or the project leader!
More updates at OWASP BeNeLux 2010: register at www.owaspbenelux.eu.
--Seba
*A. RELEASES’ ASSESSMENTS AND NEW LEADERSHIPS *
* *
*1 **OWASP ModSecurity CRS Project, led by Ryan Barnett,* has been
under intense work development and has produced recently various releases.
Its version ModSecurity2.0.6 has been reviewed and assessed and was
consequently rated Stable Quality Release.
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
*2 *In a record time the *OWASP Secure Coding Practices - Quick
Reference Guide, led by Keith Turpin,* has had its third release assessed
and consequently rated as Stable Quality.
http://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide
*3 *The* OWASP AppSensor Project*, *led by Michael Coates*, has
important developments (new tool) and is currently under review targeting a
Stable Release rating.* *
http://www.owasp.org/index.php/Category:OWASP_AppSensor_Project
*4 *The* OWASP O2 Platform, led by Dinis Cruz, *has important
developments (new release)* *and is currently* *under review targeting a
Stable Release rating.
http://www.owasp.org/index.php/OWASP_O2_Platform
*5 *The* **OWASP Development Guide* has new project leaders. *Vishal
Garg** and **Anurag Agarwal* are currently assuming the role previously
performed by *Andrew van der Stock*.
*6 *The *OWASP JBroFuzz Project* has a new leadership. *Yiannis
Pavlosoglou* has been replaced by *Ranulf Green*.
http://www.owasp.org/index.php/JBroFuzz
* *
*7 *The* **OWASP Enterprise Application Security Project* has been
recently adopted by Alexander Polyakov.
http://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project
* *
*8 *The* **OWASP CTF Project* has a new leader. Martin Knobloch has
been replaced by Steven van der Baan.
http://www.owasp.org/index.php/Category:OWASP_CTF_Project
* *
* *
*B. PROJECTS RECENTLY SET UP (LAST FOUR MONTHS)*
* *
*1 **OWASP College Chapters Program*, led by Jeff Williams. **
This initiative will help to extend application security into colleges and
universities worldwide.
http://www.owasp.org/index.php/OWASP_College_Chapters_Program
*2 **OWASP Alchemist Project*, co-lead by Bishan Singh, Chandrakanth
Narreddy and Naveen Rudrappa.
This project enables a software development team in realization of highly
secure and defensible application with built-in defences/controls against
security‐related design, coding and implementation flaws.
http://www.owasp.org/index.php/OWASP_Alchemist_Project
*3 **OWASP Browser Security Project, created by initiative of Dave
Wichers & Michael Coates.*
This project still has no clear leadership but the main effort has been made
by the above referred.
http://www.owasp.org/index.php/OWASP_Browser_Security_Project
*4 **OWASP Uniform Reporting Guidelines, led by Vlad Gostomelsky. *
This project will complement the OWASP Testing Guide as well as the OWASP
RFP Template. This is going to be a reporting template for vulnerability
findings which will be free, base on industry best practices and hopefully
will become the de facto standard.**
http://www.owasp.org/index.php/OWASP_Uniform_Reporting_Guidelines
*
*
*5 **OWASP Zed Attack Proxy Project, led by Psiinon.*
This project provides an easy to use integrated penetration testing tool for
testing web applications and provides automated scanners as well as a set of
tools that allow you to find security vulnerabilities manually.
http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
*6 **OWASP Secure Web Application Framework Manifesto, led Rohit
Sethi. *
This project is a document detailing a specific set of security requirements
for developers of web application frameworks to adhere to.
http://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manifesto
*7 **OWASP Mobile Security Project, led by Jack Mannino and Mike
Zusman.*
The OWASP Mobile Security Project will help the community better understand
the risks present in mobile applications, and learn to defend against them.*
*
http://www.owasp.org/index.php/OWASP_Mobile_Security_Project
*8 **OWASP Application Security Skills Assessment, led by Neil
Smithline.*
This project (aka OWASP ASSA) is an online multiple-choice quiz built to
help individuals understand their strengths and weaknesses in specific
application security skills.
http://www.owasp.org/index.php/OWASP_Application_Security_Skills_Assessment
*9 **OWASP Fiddler Addons for Security Testing Project**, led by
Chris Weber.***
This project (aka OWASP FAST) is the umbrella for two complementary projects
i.e. the *Watcher Project,* a passive vulnerability scanner, and the *X5s
Project*, an active XSS testing and input/output encoding detection.
http://www.owasp.org/index.php/OWASP_Fiddler_Addons_for_Security_Testing_Project
* *
* *
* *
*D. PROJECTS TO BE SOON SET UP*
*1* OWASP *ESAPI Objective C*
*2* OWASP *PASSWD*
*3* OWASP *Eclipse plug-in*
*4* OWASP *Open-sourcing JXT*
*5* OWASP *A10-Unvalidated Forwards*
*D. PROJECTS TO BE SOON RESET UP*
* *
*1* All the Cross-Site Request Forgery (*CSRF*) related contents. **
*E. OTHER NEWS*
*1 *Three major *OWASP Guides – Development, Testing and Code Review* –
are being pushed by their leaders and contributors to reasonably soon
publish a new release. Each of them has been funded with 5,000 dollars.
http://www.owasp.org/index.php/Category:OWASP_Testing_Project#tab=Project_About
*
http://www.owasp.org/index.php/Category:OWASP_Guide_Project#tab=Project_About
*
http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project#tab=Project_About
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-netherlands/attachments/20101111/1558ef41/attachment-0001.html
More information about the Owasp-netherlands
mailing list