[OWASP-Columbia] Fwd: OWASP Foundation | March 2016 Connector

Frank Catucci frank.catucci at owasp.org
Thu Mar 31 15:32:44 UTC 2016



Begin forwarded message:

> From: "The OWASP Foundation" <The_OWASP_Foundation at mail.vresp.com>
> Date: March 31, 2016 at 11:29:14 AM EDT
> To: frank.catucci at owasp.org
> Subject: OWASP Foundation | March 2016 Connector
> Reply-To: "The OWASP Foundation" <reply-4c36c650f4-d1c8dfd3bd-0379 at u.cts.vresp.com>
> 
> 
>        	       	       
> 
> March 31, 2016 | www.owasp.org | Contact Us | Brought to you by the OWASP Foundation
> 
>            
> Virtual Training Platform Available
> 
> Annual Report - Call for Content
> 
> Act Now to Qualify for an Honorary Membership in 2016
> 
> OWASP in the News
> 
> OWASP Podcasts
> 
>               
> GSOC Needs Mentors
> 
> SKF is Black Duck Rookie of the Year
> 
> Pycon 2016 Opportunity
> 
> XML External Entities Resources
> 
> Project Releases: Code Review Guide and Dependency Check
> 
>               
> AppSec USA 2016 Call for Papers and Trainings
> 
> AppSecEU University Challenge
> 
> Global AppSec Events
> 
> Local and Regional Events
> 
> Project Summits
> 
> Partner and Promotional Events
> 
>              
> New OWASP Chapters
> 
> Chapter Restarts
> 
> Chapter Transitions
> 
> New Student Chapters
> 
> New Academic Supporters
> 
> Chapter Activities
> 
>                                                    
> Renewed Premier Members
> 
> Renewed Contributing Members
> 
>              
> OWASP Foundation Social Media
> 
> 
> OWASP Communications
> Virtual Training Platform Available
> 
> You ask and OWASP delivers!
> 
> We're excited to announce that The OWASP Foundation has added the GoToTraining platform to our arsenal of virtual tools. GoToTraining lets you take advantage of an interactive learning environment where you can post materials (pre course materials, videos, images, class resources), give tests, take polls, and execute small group activities. Classes can be limited in the number of attendees or host as many as 50 students.
> 
> We would like to begin to schedule training sessions for delivery as early as April. Do you have a 1 to 4 hour class you would like to present?
> 
> Popular Topics for OWASP Training are (in no particular order)
> 
> XSS
> XSS Filter Evasion Cheat Sheet
> XSS Prevention Cheat Sheet
> ZAP
> SQL Injection
> SQL Injection Prevention Cheat Sheet
> Testing for SQL Injection
> CSRF (Cross-Site Request Forgery)
> CSRF (Cross-Site Request Forgery) Prevention Cheat Sheet
> and of course, The OWASP Top 10
> For Q2, all trainings will be recorded and made available through the OWASP YouTube Channel and links to the recordings will be posted on the relevant pages on the wiki.
> 
> If you are a trainer in a non English speaking country and would like to host a training in another language, that would be fantastic!
> 
> Any interested trainers, please CONTACT US or reach out to Kate Hartmann directly.
> 
> As always, thank you for all you do!
> 
> Annual Report Call for Content
> 
> The OWASP Foundation is looking for exciting and illustrative success stories from YOU, the community for inclusion in our 2015 Annual Report. This yearss theme is simply: Growing, Learning, Sharing, Leading.
> 
> Tell us how you and your team worked to spread the OWASP mission in 2015. Here are some ideas but feel free to be creative!
> 
> How did your local/regional/global collaborate spread security awareness?
> What types of educational outreach did you and/or your team accomplish?
> How did you and/or your team leverage the OWASP platform to inspire non security professionals to turn their attention to application security?
> Where did you leave a BIG OWASP footprint?
> How did YOU benefit from the different facets of the OWASP platform?
> Submit your content - articles, pictures, ideas by April 14, 2015. This is your opportunity to share with the world why you participate. We want everyone to contribute! Everyone's story is important to the Foundation. Become globally famous by submitting your picture and/or brief bio so we can be sure to give you credit for your contribution. Of course, you may also request to remain anonymous if you prefer.
> 
> Act Now to Qualify for an Honorary Membership in 2016
> 
> Purchase or renew your OWASP Individual Membership for a chance to win!
> 
> Anyone who purchases a new individual membership, renews their existing individual membership or submits & are approved for an Honorary* Membership between April 1, 2016 and June 20, 2016 will be entered into a raffle to win a prize! Join or Renew today!
> 
> The raffle will be held June 22, 2016. Winners will be notified and results posted the same day. Prizes include and will be raffled off in this order:
> One (1) Amazon gift card (value $50/USD)
> One (1) AppSecEU 2016 conference ticket (value 600€)
> One (1) AppSecUSA 2016 conference ticket (value $995)
> 
> *Honorary Membership is now available year round ​starting ​April 1​, 2016!
> 
> To learn more about Honorary Membership and to see if you are eligible, please visit our Honorary Membership page here. Submissions will be reviewed and verified by OWASP.
> 
> OWASP in the NEWS!
> 
> How to Hack an App: 8 Best Practices for Pen Testing Mobile Apps - Tech Beacon 3/21/2016
> 
> OWASP Releases Software Assurance Maturity Model (SAMM ... - PR Newswire 3/16/2016
> 
> Black Duck's Open Source 'Rookies of the Year' 2015 - ComputerWeekly 3/16/2016
> 
> mHealth App Security is a Myth, New Survey Finds - mHealth Intelligence 3/14/2016
> 
> Google offers app to help companies assess their vendors' security - Networks Asia 3/11/2016
> 
> OWASP Podcasts
> 
> OWASP Projects and activities are often the subject of webcasts and podcasts. Sit back and relax as you watch and listen to these recent episodes.
> 
> Active Deception as a Methodology for Cybersecurity w/ Lawrence Pingree from Gartner
> 
> DevOps, Security and Engineering at Slack with Slack's Senior Staff Security Engineers Leigh Honeywell And Ari Rubenstein
> 
> Security War Games with Sam Guckenheimer at Rugged DevOps RSAC 2016
> 
> Guns, Germs and Steel at RSAC 2016 with John Willis
> 
> Equal Respect: Women in Technology with Chenxi Wang
> 
> 
> OWASP Projects
> Google Summer of Code Needs Mentors
> 
> We are calling out for more mentors to get involved. We have 81 Proposals and need your participation.
> 
> Become a Mentor:
> 
> Do you want to become a mentor for a student?
> Choose a participating OWASP project from the wiki page listed below preferably the one you are most familiar with.
> Link: https://www.owasp.org/index.php/GSOC2016_Ideas
> 
> Touch base with the project leader and ask one of the org admins (Claudia, Kostas or Fabio) to send you an invitation and get you started today.
> 
> Please let us know if you need help or supporting material.
> 
> Thank you in advance for your time and look forward to your participation.
> 
> Konstantinos Papapanagiotou
> Initiative Leader
> 
> Fabio Cerullo
> Initiative Leader
> 
> Claudia Aviles-Casanovas
> Project Coordinator Phone:973-288-1697
> 
> OWASP Security Knowledge Framework is Black Duck's Rookie of the Year
> 
> We are thrilled, excited and really happy to announce that the OWASP Security Knowledge Framework has won the Rookie of the Year awards and honorable mention from Black Duck!
> 
> We want to thank everybody that helped us achieving this award especially the contributors and OWASP.
> 
> More information about the BlackDuck award can be found here: https://info.blackducksoftware.com/OpenSourceRookies2015.html.
> 
> This is a great milestone for OWASP and the SKF team!
> 
> Pycon
> 
> PYCON 2016 is coming to the Rose City in Portland, Oregon on May 28th - June 5th!
> 
> OWASP Developer Survey ranked PyCon #2
> 
> Opportunities to attend in behalf of OWASP
> 
> Sign-up Today!
> 
> PyCon 2016 has offered us the option to participate and contribute to their Open Spaces and Sprints.
> 
> Open Spaces
> Open spaces are a way for people to come together to talk about topics, ideas, or whatever they like. They offer groups the ability to self-gather, self-define, and self-organize in a way that often doesn't happen anywhere else at PyCon. Any subject that two or more attendees would like to talk about is a candidate for an Open Space.
> 
> How Do I Participate In An Open Space?
> It's pretty easy: Just show up :)
> 
> During PyCon, there will be Open Spaces boards somewhere near the registration desk. The boards acts as a time table for all the Open Spaces, so you know where and when to go for the Open Spaces you're interested in. If a topic is not listed yet, find an open time slot and add it! Open Spaces topic cards are included in the goodie bag you receive at registration.
> 
> What Open Spaces Are There?
> There are Open Spaces on many subjects a bunch of PyCon attendees would like to discuss. Since the PyCon attendees are a diverse bunch, so are the Open Spaces. In past years, we've had a mani/pedi party, a feminist hacking space, an AcroYoga space, and a board games room. There's also plenty of the usual suspects of technical subjects, from computer security to your favorite Python project to professional occupations like DevOps.
> 
> Where And When Are The Open Spaces?
> The Open Spaces are in a set of of dedicated rooms during all three of the conference days (Monday 5/30, Tuesday 5/31, Wednesday 6/1). The rooms may be needed for other events during portions of some days; please consult the Open Spaces boards for the final word on what's going on where.
> 
> How Do I Host An Open Space?
> For PyCon 2016, we will be using the Open Space cards that were re-introduced a few years back. These are small postcard sized cards with a short explanation of what Open Spaces are. The back side of that card is for hosting Open Spaces. Just fill in the name and a short description of your Open Space, and then pin your card on the Open Space board in the room and time slot you want. It's also a great idea to add your Twitter handle to the card in case anyone interested in attending your Open Space has a question or would like to contact you about it. The cards will be made available in the goodie bag which you will receive at registration. Extra cards will be available at the Open Spaces boards. In order to promote your Open Space we encourage you to tweet about it and use the hashtag #PyConOpenSpaces to make sure people see your tweets.
> 
> Planned Open Spaces
> If you have an idea for an Open Space, and a time when you want to meet, list it here on this page. It's also useful to add an approximate time slot if you have any preferences, so that attendees know where to look for your Open Space on the Open Spaces boards.
> 
> Development Sprints
> Thursday, June 2nd 2016 - Sunday, June 5th 2016
> 
> Development sprints are a key part of PyCon, and a chance for the contributors to open-source projects to get together face-to-face for up to four days of intensive learning, development and camaraderie. Newbies sit with gurus, go out for lunch and dinner together, and have a great time while advancing their project.
> 
> What's New with the Sprints by Naomi Ceder
> What are development sprints & why you should attend! by Kushal Das
> What's so special about Sprints? by Naomi Ceder
> What's A Sprint?
> Come for PyCon, stay for the sprints!
> 
> PyCon Development Sprints are four days of intensive learning and development on an open source project of your choice, in a team environment. It's a time to come together with colleagues, old and new, to share what you've learned and apply it to an open source project.
> 
> In the crucible of a sprint room, teaming with both focus and humor, it's a time to test, fix bugs, add new features, and improve documentation. And it's a time to network, make friends, and build relationships that go beyond the conference.
> 
> PyCon provides the space and infrastructure (network, power, tables & chairs); you bring your skills, humanity, and brainpower (oh! and don't forget your computer).
> 
> Please sign up on the PyCon 2016 Sign Up Sheet. If you are interested in attending in behalf of OWASP.
> 
> XML External Entities Resources Cleanup
> 
> A great deal of work has gone into cleaning up and updating the OWASP Wiki XXE ( XML External Entities) resources. Here are the two main updated resources.
> 
> XXE Prevention Cheatsheet
> https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Prevention_Cheat_Sheet
> 
> XXE Vulnerability page
> https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
> 
> Thank you to Dave Wichers for leading the charge on XEE as well as John Passki and Xiaoran Wang for their work in this area.
> 
> Project Releases: Code Review Guide 2.0 Alpha and Dependency Check v.1.3.5
> 
> Code Review Guide 2.0 Alpha Released
> 
> The alpha release for the Code Review Guide 2.0 has been released. Please see the project page for more details. plus a shout out to the Long Island OWASP group for helping with a working session.
> 
> https://www.owasp.org/index.php/Code_review
> 
> OWASP Dependency Check v.1.3.5 Released
> 
> The OWASP dependency-check team is pleased to announce the release of version 1.3.5! Thanks to all those who have used the tool and provided feedback via the discussion group and issues in github. A special thanks goes out to those that have submitted pull requests! Please visit the documentation site for information on obtaining the new version (CLI, Maven Plugin, Ant Task, Gradle Plugin, Jenkins Plugin).
> 
> https://www.owasp.org/index.php/OWASP_Dependency_Check
> 
> 
> OWASP Events
> 
>  
> 
> Registration, Call for Papers and Call for Training is Open for
> AppSecUSA 2016 Conference in Washington, D.C.
> 
> Submit your application today!
> 
> The Open Web Application Security Project’s 13th Annual AppSecUSA Conference will take place in Washington, D.C. fromOctober 11-14. There are four exciting ways to participate!
>  
> Register as an attendee and learn about the latest breakthroughs in application security
> Speak about a cutting edge topic in the industry. Submit a speaking application today
> Teach about a web application security topic that is important to you. Submit a teacher training application
> Lightning Talk. Not ready to speak for a full hour but would like to share your knowledge? Apply to be a Lightning Talk speaker and give a brief 15 minute talk
>  
> See you in Washington, D.C.!
>  
> 
> OWASP is a non-profit organization with the mission of making application security visible so individuals can make informed risk decisions.
>  
> AppSecEU University Challenge
> 
> The University Challenge is a competition among teams comprised of university students that will be held on June 28th and 29th 2016, during the training days of the conference. There is no admission fee for the University Challenge - participation in the conference is possible at the student rate if applicable. This years UC is a two stage challenge:
> 
> Day 1: Capture The Flag (CtF), solving hacking challenges.
> 
> Day 2: Offense/Defense (Blue/Red Team), defending your vulnerable web application whilst attacking the application of the other teams.
> 
> This year the OWASP University Challenge will be limited to 10 teams. Teams will consist of 4-8 students, with one team per university. All team openings are on a first come first serve basis. If multiple teams are received from the same university the second team will be put on a wait list.
> 
> ===========================================================
> 
> Please register your time via this link (Google web form): http://goo.gl/forms/AN6uPS4vAG.
> 
> Global AppSec Events
> 
> AppSec Europe 2016, 30 June - 1 July, 2016, Rome, Italy. Call for Lightning Trainings closes April 30. Call for Activities closes April 30.
> 
> AppSec USA 2016, 11 October - 14 October 2016, Washington, DC
> 
> Local and Regional Events
> 
> Latam Tour 2016, April 7, 2016 - April 22, 2016, Latin America
> 
> AppSec ASIA 2016, May 19, 2016 - May 22, 2016, Wuhan, China
> AppSec PH 2016, August 26, 2016 - August 28, 2016, Philippines
> 
> Project Summits
> 
> OWASP SAMM Summit 2016, April 20-21, 2016, New York, USA
> 
> Partner and Promotional Events
> 
> Blackhat Asia 2016: March 31 - April 1, 2016, Marina Bay Sands Singapore, OWASP members receive a $200/USD discount on Briefings with discount code: OWBR0316
> 
> Cyber Security Summit Atlanta, April 6, 2016, The Ritz-Carlton, Buckhead, Atlanta, GA. The first 50 OWASP members will receive 50% off the summit ticket price by using discount code OWASPEXEC
> 
> The Cyber Security Summit, April 6 - April 7, 2016, Prague, Czech Republic. A limited amount of 10 seats are available for OWASP members for only € 299. For further questions, please contact Ms. Tatiana Buranska tatiana.buranska at ebcg.com +421-2-32202282
> 
> Connected Security Expo, April 6 - April 8, 2016, Sands Expo Las Vegas, NV
> 
> QuBit Conference, April 12 - April 14, 2016, Grandior Hotel Prague. OWASP members can save 10% by using their OWASP email address and discount code: OWASP*2016
> 
> Cyber Security Summit Dallas, May 3, 2016, Omni Dallas Hotel Dallas, TX, USA
> 
> 13th Annual CISO Europe Summit & Roundtable 2016, May 10 - May 13, 2016, Copenhagen Marriott, Denmark. OWASP members save 20% by registering with your OWASP email address and discount code: OWASP2016
> 
> ONE2ONE SUMMIT, May 23 - May 25, 2016, Hotel Monteleone, New Orleans, LA
> 
> Hack in the Box: May 26-27, 2016, Amsterdam, The Netherlands
> 
> SC Congress Toronto: June 1, 2016 - June 2, 2016, Metro Convention Center Toronto, CN. Register today for an exclusive OWASP Member discount of $125. Full Conference pass sells for $350 Use the discount code - OWASPMEM
> 
> Techno Security & Forensics Investigations Conference / Mobile Forensics World: June 5 - June 8, 2016, Myrtle Beach, SC, OWASP Members save 30% by using your @owasp email address and discount code: OWASP16
> 
> Cyber Security Summit DC/Metro, Virginia, June 30, 2016, The Ritz-Carlton, Tysons Corner
> 
> ICCS 2016: July 25 - July 28, 2016, Fordham University at Lincoln Center, New York, NY
> 
> Black Hat USA 2016: July 30 - August 4, 2016, Las Vegas, NV
> 
> DevCon5, August 1 - August 4, 2016, New York, NY
> 
> BSides Las Vegas: August 2 - August 3, 2016, Las Vegas, NV
> 
> ICCS 2016, August 13 - August 14, 2016, Rajasthan, India
> 
> Cyber Security Summit Chicago, August 25, 2016, Hyatt Regency Chicago
> 
> ONE2ONE SUMMIT: September 14 - September 16, 2016, Boca Beach Club, Boca Raton, FL
> 
> Cyber Security Summit New York, September 21, 2016, Grand Hyatt New York
> 
> (ISC)2 Security Congress EMEA 2016: October 18-19, 2016, Croke Park Stadium Dublin, Ireland
> 
> Cyber Security Summit Los Angeles, October 27, 2016, Fairmount Miramar Hotel
> 
> Ads are not endorsements and reflect the messages of the advertiser only.They represent co-marketing arrangements
> with other organizations in support of the OWASP Community.   CLICK HERE for more information on advertising.
> 		
> 
> 
> OWASP Chapters
> New Chapters
> 
> Fukushima, Japan: Masato Kaneko (masato.kaneko at owasp.org), leader https://www.owasp.org/index.php/Fukushima
>  
> Okinawa: Shinichi Fuchigami (shinichi.fuchigami at owasp.org) and Nobuho Matayoshi (nobuho.matayoshi at owasp.org), leaders
> https://www.owasp.org/index.php/Okinawa
>  
> Medellin: Fernando Quintero (fernando.quintero at owasp.org) and Alejandro Vanegas (alejandro.vanegas at owasp.org), leaders
> https://www.owasp.org/index.php/Medellin
>  
> S&atilede;o José de los Campos: Thalysson Sarmento (thalysson.sarmento at owasp.org) leader
> https://www.owasp.org/index.php/Sao_Jose
>  
> Tripoli: Zaid Khalil (zaid.Khalil at owasp.org), leader
> https://www.owasp.org/index.php/Tripoli
>  
> Visakhapatnam: Sudhansu Choudhary (sudhansu.choudhary at owasp.org), leader
> https://www.owasp.org/index.php/Visakhapatnam
> Chapter Restarts
> 
> India (regional coordinators): Milan Singh Thakur (milan at owasp.org) and Nitin Pandey (nitin.pandey at owasp.org) join as leaders, replacing Dhruv Soi and Nitin Saxena who have served in that role for many years. Thanks!
> Transitions
> 
> Chennai: Antony Raj (anthony.raj at owasp.org), leader
> https://www.owasp.org/index.php/Chennai
>  
> Durgapur: Debolina Khasnobish (debolina.khasnobish) and Rajiv Chakrborty (rajiv.chakrborty at owasp.org), leaders https://www.owasp.org/index.php/Durgapur
>  
> Kansas City: New Chapter leader Nathaniel Cole (nathaniel.cole at owasp.org) joins Justin Ferguson and Mat Caughron as leader
> https://www.owasp.org/index.php/Kansas_City
>  
> Pune: Sumita Uday (sumita.uday at owasp.org) joins Ashwini Paranjpe as leader https://www.owasp.org/index.php/Pune
> New Student Chapter
> 
> 
> Mumbai Student Chapter: President: Dhiraj Mishra, Treasurer: Vipin Pal, Faculty Advisor: Archana Bhide
> https://www.owasp.org/index.php/Mumbai_Student_Chapter
> Academic Supporters
> 
> 
> Higher Colleges of Technology, UAE, Faculty Contact: Ayman Ahmed
>  
> Universidad ORT, Uruguay (Renewal), faculty Contact: Roberto Ambrosoni
>  
> Universidad Pontificia Bolivariana, Colombia, faculty Contact: Diego Ademir Duarte Santana
>  
> University of Central Florida, Orlando, FL, USA, faculty Contact: Thomas Nedorost
> Learn more about our Student Chapters and Academic Supporter programs.
> Notable Chapter Activity
> 
> 
> OWASP Day 2016 in Tokyo
> 
>  
> OWASP Nigeria hosts its first meeting in Lagos.
>  
> OWASP Kerala holds a series of meetings at four universities.
> Share Your Stories!
> 
> We at the OWASP Global Foundation are looking forward to hearing about more such events in future. Share your chapter's successes! Submit your stories to support at owasp.org
> 
> OWASP Membership is a great way to contribute to our local chapters and projects. A portion of your membership can be allocated to the chapter and/or project of your choice. Please show your support for OWASP Projects and Chapters by becoming an Individual or Corporate member today!
> 
> 
> OWASP Membership
> Membership Drive
> 
> As part of our overall 2016 Membership recruitment and appreciation program, we will be introducing a new incentive on April 1, 2016. Stay tuned!
> 
> Renewed Corporate Members (Premier Level)
> 
> Qualys
> Renewed Corporate Members (Contributor Level)
> 
> Denim Group
> Intelligent Environment
> Symantec
> Twitter
> Become a Corporate Supporter. Find out how by visiting our Corporate Supporters information page.
> 
> Upcoming Partnership & Co-Marketing Events:
> See https://www.owasp.org/index.php/Category:OWASP_AppSec_Conference
> 
> 
> OWASP Social Media
> OWASP Social Media Site
> 
> OWASP YouTube Channel
> LinkedIn
> Twitter
> Google +
> Facebook
> Ning
> StackOverflow
> GitHub
> Trello
> Slack
> 
> 
> Click to view this email in a browser 
> 
> If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
> The OWASP Foundation
> 1200-C Agora Drive
> #232
> Bel Air, Maryland 21014
> US
>              
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20160331/f3433c0c/attachment-0001.html>


More information about the OWASP-Columbia mailing list