[OWASP-Columbia] OWASP Connector Nov 2016

Frank Catucci frank.catucci at owasp.org
Mon Dec 5 18:50:51 UTC 2016


> 
> 
>        	       	       
> December 5, 2016 | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
> 
>   			
> OWASP is Searching for our 2018 Global AppSec Locations!
> 
> Your 2017 Board Has Been Elected
> 
> OWASP in the News
> 
> OWASP Podcasts
> 
>  			
> New Project Releases
> 
> Corralling the Vulnerability Chaos; With Live Demo
> 
>   			
> Global AppSec Events
> 
> Local and Regional Events
> 
> Partner and Promotional Events
> 
>  			
> Chapter Activities
> 
>  			
> New and Renewing Corporate Members
> 
>  			
> OWASP Foundation Social Media
> 
> 
> OWASP Communications
> OWASP is Searching for our 2018 Global AppSec Locations!
> 
> OWASP encourages any community member interested in hosting a OWASP​ Global ​Conference to submit a proposal.
> 
> Asia Pa​c​ific​ ​(this may be formatted as an ​Asia Tour instead)
> Europe
> Latin America (this may be a Latam Tour instead)
> North America
> To bid for a 2018​ OWASP Global AppSec please complete the OCMS form http://www.tfaforms.com/301382 with the following information before February 28th, 2017.
> 
> The proposed city and host chapter.
> The name of the intended local organizer and team committed to the task for 2018​ along with a brief explanation on why the conference committee wants to organize an OWASP Global AppSec.
> Previous conferences or local/regional events experience of the conference committee.
> The intended dates for the conference. (Typically includes two or three days of pre-conference training, followed by two days of conference talks).
> Venue recommendations. If possible, assurance that the following will be available:
> – Green room, storage room, breakout rooms, etc.
> – A large auditorium. Other lecture rooms near the main auditorium.
> – Projection facilities in all rooms up to modern standards.
> – A suitable mixing space near the rooms for registration, breaks and other activities.
> – A hall near the rooms for sponsor exhibitions.
> – If possible, attach a tentative floor plan design.
> Budget. Please use the form on google docs https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhOGWXgQrDnddE9nZnh1UEZzUHJ2cl85R2hVd2IxRGc&usp=drive_web#gid=0 (Since many of the categories of expenses are optional, consider this a check list. You can add as many items as you want and you do not need to fill in every box if you do not want it to be included in your event.)
> Possible "big name" speakers in AppSec who might be plenary speakers.
> Any other relevant information.
> By submitting an application, you are already demonstrating your commitment to OWASP. Hosting a conference requires both a commitment and a great deal of responsibility. A lot of time, energy and effort are needed during the proposing, planning and implementing phases of hosting a conference. For more information see the How to Host a Conference page.
> 
> Should you have any questions concerning the proposal process or need assistance with your application, please do not hesitate to contact our Global Conference Manager Laura Grau.​
> 
> Application submissions are currently open and will remain open until February 28th, 2017. Applicants will be notified by March 31st, 2017.
> 
> 
> 
> Your 2017 Board Has Been Elected
> 
> Thank you to every one who voted in the 2017 Board of Directors election, your choice of representation matters. The OWASP Board consists of seven volunteers elected on alternating years to serve a two year term. These unpaid volunteers dedicate themselves to the organizational mission and playing a pivotal role in the software security community. Members of the Global Board of Directors are responsible for setting the strategic direction of the organization and ensuring the financial integrity of the Foundation.
> 
> Our thanks to everyone who stood for the board this year, your willingness to take on time consuming duties to further OWASP's mission is greatly appreciated. OWASP is lucky to have such talented and active volunteers and we look forward to continuing to work with you.
> 
> We are glad to announce that our new board members are:
> 
> Andrew J van der Stock                Matt Konda                    Johanna Curiel
> 
> Check out the OWASP Blog for the full results.
> 
> 
> 
> OWASP in the NEWS!
> 
> Breaking Through At AppSecUSA 2016 - Information Security Buzz 11/23/2016
> 
> Alleged Adult Website Breach May Affect 412 Million Accounts - Bank InfoSecurity 11/14/2016
> 
> Companies in Saudi Arabia must look to the future for opportunities - Saudi Gazette 11/10/2016
> 
> AppSec California Announces Key Notes - PR Rocket 11/2/2016
> 
> 
> 
> OWASP Podcasts
> 
> OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes.
> 
> AppSec USA an Update on the WebGoat Project
> 
> 
> OWASP Projects
> New Project Releases
> 
> OWASP Automated Threat Handbook
> 
> Tin Zaw and Colin Watson announce version 1.1 of OWASP Automated Threat Handbook. The handbook is a product of OWASP Automated Threats to Web Application project.
> 
> Key updates in this version are ​enumeration of countermeasure classes, application of countermeasures to specific threats and more examples of symptoms for each threat.
> 
> You may purchase a hard copy on Lulu Press or download the PDF for free.
> 
> Feedback and comments for v1.2 are welcome via mailing list and email.
> 
>  
> OWASP Core Rule Set
> 
> Chaim Sanders and the Core Rules Set team are proud to announce OWASP Core Rule Set (CRS) Version 3.0.0 (stable). OWASP CRS is a set of generic rules similar to the the OWASP Top 10, designed to protect users against threat. The rule set is most often deployed in conjunction with an existing Web Application Firewall like ModSecurity.
> 
> This latest version features many changes that help make CRS a valuable part of a Defense in Depth strategy for protecting you web application, including:
> 
> Improved and More Precise Detection Coverage
> 90-95% Reduced False Positives and the Introduction of Paranoia Levels
> Anomaly Scoring Mode by Default
> Simplified User Experience
> New Remote Code Execution Rules
> Improved Layout, Documentation, and Testing
> To download a copy or to submit any issue, please visit our Github. If you are seeking additional information about the release, please check out this accompanying blog post. The OWASP CRS team is truly excited and pleased with this release, there are even rumors this new rule set is being made into a movie.
> 
> 
> 
> Corralling the Vulnerability Chaos; With Live Demo
> 
> Four short years ago, I spent 35% of my time actually hacking on products and 65% of my time writing reports and recording metrics. Our team tried a multitude of tools to make our lives easier, but it seemed to only increase our turnover rates. The landscape of security has never been harder to manage with the numerous hoops engineers and penetration testers have to jump through to actually do their job. The frustration and lack of options led to DefectDojo, a free and open-source vulnerability management tool.
> 
> 
> 
> DefectDojo is meant to be a tool that not only stores findings, but also helps to streamline your entire application security program. It simplifies vulnerability management by offering templating, report generation, metrics, scanner finding deduplication, and baseline self-service tools to allow engineers and penetration testers to spend their time on their actual expertise, hacking. Comprehensive details on all of DefectDojo’s features can be found on our official docs.
> 
> Learn more including sample reports and live demo at the OWASP Blog.
> 
> 
> OWASP Events
> Global AppSec Events
> 
> AppSec Europe 2017  May 8 - 12, 2017, Belfast, UK
> 
> Call for Papers, ends January 9
> Call for Trainings, ends January 2
> Call for Lightning Trainings
> Call for Activities
> Call for Arsenal
> Call for Sponsors
> AppSec USA 2017   September 19 - 22, 2017, Orlando, Florida, USA
> 
> 
> 
> Regional and Local Events
> 
> AppSec Rio de a Plata 2016  December 1 - 2, 2016, Rio de la Plata, Uruguay
> 
> AppSec Cali 2017  January 23 - 25, 2017, Santa Monica, CA, USA
> 
> AppSec Africa 2017  February 1 - 2, 2017, Marrakech, Morocco
> 
> SnowFROC 2017  March 16, 2017, Denver, CO, USA
> 
> Latam Tour 2017  April 3 - 28, 2017, South America
> 
> OWASP Middle East Cyber Security Conference 2017  May 3 - 4, 2017, Dubai, UAE
> 
> 
> 
> Partner and Promotional Events
> 
> (ISC)2 Secure London December 6, 2016 London OWASP     Members Save 10% by using discount code  ISC2LONOWASP
> 
> Infosecurity Boston Conference   December 6-7, 2016  Boston, MA
> 
> (ISC)2 Secure Croatia December 15, 2016  Croatia   OWASP member save 10% by using discount code: ISCEEWASP
> 
> IoT Tech Expo Global 2017 January 23-24, 2017   Olympia, London   OWASP members save 20% by using discount code: OWASP20
> 
> Cyber Resilience & InfoSec 2017  February 6-7, 2017   Abu Dhabi, U.A.E.
> 
> SC Congress London   February 23, 2017   London, UK
> 
> CyberCentral   April 4-6, 2017   Prague, Czech Republic
> 
> QuBit Conference 2017   April 4-6, 2017   Prague, Czech Republic   OWASP members save 10% by using discount code: QB17OWASP
> 
> SC Congress New York   May 2, 2017   New York, NY
> 
> Techno Security & Digital Forensics Conference  June 4-7, 2017   Myrtle Beach, SC
> 
> SC Congress Toronto   June 13-14, 2017   Toronto, Canada
> 
> Ads are not endorsements and reflect the messages of the advertiser only.They represent co-marketing arrangements
> with other organizations in support of the OWASP Community.   CLICK HERE for more information on advertising.
> 		
> 
> OWASP Chapters
> Notable Chapter Activity
> 
> OWASP-Jaipur conducted On The Go Web Application Security Meetup for college students at AMITY UNIVERSITY JAIPUR, RAJASTHAN for the to increase awareness of web application security among the college level students. This one day event garnered 92 student-attendees.
> 
> 
> There are many future sessions and meetups planned. 
> 
> Share Your Stories!
> 
> We at the OWASP Global Foundation are looking forward to hearing about more such events in future. Share your chapter's successes! Submit your stories to support at owasp.org
> 
> OWASP Membership is a great way to contribute to our local chapters and projects. A portion of your membership can be allocated to the chapter and/or project of your choice. Please show your support for OWASP Projects and Chapters by becoming an Individual or Corporate member today!
> 
> 
> OWASP Membership
> We would like to thank the following companies for supporting the OWASP Foundation. The companies listed below have contributed this month by either renewing their existing Corporate Membership or joining OWASP as a new Corporate Member. Details about Corporate Membership can be found here.
>  
> Premier Corporate Member
>  
> 
> Fortify is the only solution that secures and protects code throughout the entire development lifecycle of any type of software—from development to testing, release to production and every iteration in between. Fortify static, dynamic, interactive, and runtime security testing technologies are available on demand or through several licensing models, offering organizations the flexibility needed to build an end-to-end software security assurance program. To learn more, please visit: http://www8.hp.com/us/en/software-solutions/application-security/index.html
>  
>  
>  
> Contributor Corporate Members
>  
> 
> For more information, please visit: https://www.smartrac-group.com/
>  
>  
>  
> Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world's 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software quality and security solutions. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest quality and security, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.
>  
>  
> 
>  
>  
>  
>  
>  
> Verizon Digital Media Services is the industry’s only single, end-to-end digital media platform that can prepare, deliver, display and enable the monetization of online content. The platform is built on the world’s largest, most connected network, and has over 90 points of presence on five continents, ensuring high-quality viewing of digital content on any device, anytime, anywhere. The company provides the foundational components in the websites, apps and OTT video services for many of the world’s largest publishers, media companies and enterprises. Verizon Digital Media Services is part of AOL Inc. Learn more about how Verizon Digital Media Services continues to change the way the world watches at www.verizondigitalmedia.com.
>  
>  
>  
> Want your name here? Find out how by visiting our Corporate Member information page, or contact Kelly Santalucia today!  Thanks to all of our Premier and Contributor Corporate Members for your support in 2016!
> 
> 
> OWASP Social Media
> OWASP Social Media Sites
> 
> OWASP YouTube Channel
> LinkedIn
> Twitter
> Google +
> Facebook
> StackOverflow
> GitHub
> Trello
> Slack
> 
> 
> Click to view this email in a browser 
> 
> If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
> The OWASP Foundation
> 1200-C Agora Drive
> #232
> Bel Air, Maryland 21014
> US
>              
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20161205/1e0a2214/attachment-0001.html>


More information about the OWASP-Columbia mailing list