[OWASP-Columbia] OWASP Foundation | May 2016 Connector

Frank Catucci frank.catucci at owasp.org
Tue May 17 00:05:15 UTC 2016

[image: OWASP Global Connector]

May 13, 2016 | www.owasp.org
| Contact Us
| Brought to you by the OWASP Foundation
[image: Communications] <#m_3184332372694291711_CommunicationsHeading>
Drive Ends June 20 <#m_3184332372694291711_DRIVE> 2016 OWASP Foundation
Global Board Election - Call for Candidates now open
<#m_3184332372694291711_ELECTION> Free Training - The "softer side" of
Application Security <#m_3184332372694291711_TRAINING> Provide your input
to the OWASP Infrastructure Improvement process
<#m_3184332372694291711_OPINION> [image: projects]
<#m_3184332372694291711_Projects> Google Summer of Code Projects Selected
<#m_3184332372694291711_GSOC> OWASP SAMM - Summit outcomes and new release
information <#m_3184332372694291711_SAMM> New Incubator Projects
<#m_3184332372694291711_NEWPROJECTS> Project Release: HTML Sanitizer
Release 20160413.1 <#m_3184332372694291711_RELEASES> [image: Conference]
<#m_3184332372694291711_ConferenceHeading> AppSecEU 2016
<#m_3184332372694291711_UNIVERSITY> AppSec USA 2016
<#m_3184332372694291711_APPSECUSA> Global AppSec Events
<#m_3184332372694291711_GLOBAL> Local and Regional Events
<#m_3184332372694291711_LOCAL> Project Summits
<#m_3184332372694291711_SUMMITS> Partner and Promotional Events
[image: chapters] <#m_3184332372694291711_ChapterHeading> New OWASP Chapters
<#m_3184332372694291711_NewChapters> Chapter Transitions
<#m_3184332372694291711_Transitions> [image: membership]
<#m_3184332372694291711_MembershipHeading> Renewed Corporate Members
<#m_3184332372694291711_ContribCorpRenew> New Contributing Members
<#m_3184332372694291711_ContribCorpRenew> [image: Social Media]
<#m_3184332372694291711_SocialHeading> OWASP Foundation Social Media
[image: Communications]
*OWASP Communications*
OWASP Membership Drive

As part of our overall 2016 Membership recruitment and appreciation
program, below is our Q2 incentive for new, renewal and honorary members.
Stay tuned for other exciting member incentives each quarter!

Anyone who purchases a new individual membership, renews their existing
individual membership or submits and is approved for an Honorary*
Membership between April 1, 2016 and June 20, 2016 will be entered into a
raffle to win one of three prizes! The raffle will be held June 22, 2016.
Winners will be notified and results posted the same day. Prizes include
and will be raffled off in this order:

   - First Prize: One (1) Amazon gift card (value $50)
   - Second Prize: One (1) AppSecEU 2016 (value 600Euro) or One (1)
   AppSecEU 2017 conference ticket
   - Third Prize: One (1) AppSecUSA 2016 conference ticket (value $995)

Join or Renew HERE

*Honorary Membership is NOW available year round. To learn more about
Honorary Membership and to see if you are eligible, please visit our
Honorary Membership page here. Submissions will be reviewed and verified by
2016 OWASP Foundation Global Board Election - Call for Candidates now open

We are pleased to announce that the 2016 Global BoD Call for Candidates is
now OPEN! You may submit your candidacy here
There are 3 seats available for this election. For the complete election
timeline, board responsibilities, eligibility requirements, and other
election details please refer to our 2016 Election page

Some Key Updates & Improvements for this years election process:

   - Similar to years past, we will announce all verified candidates once
   the Call for Candidates closes. This process generates more candidates and
   minimizes any "popularity contests". More candidates = more choices for
   you. Candidates that wish to announce their candidacy themselves MAY DO SO
   at any time.
   - An email will be sent to the entire community prior to the paid
   membership deadline (Sept 30) asking them to check the Membership Directory
   to be sure they are listed as a current individual member. If individuals
   believe they are a current paid individual member, but their name does not
   appear in the Membership Directory, they will be asked to contact us
   immediately. Please feel free to check the directory now and contact me if
   you believe you should be listed as an Individual Member and are not.
   - Unsubscribed emails to voting list - without an @owasp.org email
   address the voting system is unable to identify who has chosen to
   unsubscribe from receiving these emails which contain a link to the ballot.
   To be sure all registered voters receive their ballots, they will be sent
   an email from OWASP letting them know they should have received a ballot.
   If they did not receive a ballot, they will be asked to contact us
   immediately. Every time the voting system sends an email with the link to
   the ballot and email from OWASP will follow.
   - An email will be released in addition to social media posts on August
   10 that will include the candidates names, "why me", profile picture and

We are looking forward to a successful election process. If you have any
questions, please CONTACT US

Free Virtual Training Class: The "softer side" of Application Security

Are you a developer looking to gain some insight into Application Security
but just don't know where to start? If so, then this class is for you!

Bill Sempf, Application Security Architect and Author, will be guiding
participants on a 3 hour journey through the softer side of application

Bill's description of the class content: In this kinder and gentler
training, we won't break into anything (for a change). Instead, we'll talk
about working with developers and information security to make our lives
better. We'll start with information disclosure vulnerabilities, and how to
mitigate them, then we'll pivot into SDLC arrangements and setting up an
application security department. There will be a lot of "well duh" moments,
several provocative statements, and lots of discussion. What's more, we'll
get to use the new OWASP GoToTraining environment, which I hope all of you
will use to teach me something! All in all, a good time for all - hope to
see you there.

The free virtual training class will be 1-June-2016 at 12 noon EDT. Space
is limited so sign up soon. Seats for the live training will be allocated
first to OWASP members. Not a member? CLICK HERE
for information on OWASP membership. The training will be recorded and made
available after the live presentation. Please register here

OWASP needs your input!

The OWASP Foundation has begun the process to improve the critical
infrastructure and system platforms for the Global organization. The OWASP
website, built on mediawiki, has become overloaded with content. We are
looking at ways to improve the layout and navigation of the wiki.

We want your input and want you to provide some feedback on how you use the
wiki and how you think it can be improved.

Please take 5 minutes and complete this short SURVEY

for a 10 minute presentation on the project that was given at the NYC
chapter meeting.

[image: projects]
*OWASP Projects*
Google Summer of Code Projects Selected

*6 Projects have been selected for the 2016 Google Summer of code*:

   - OWASP Hackademic Challenges
   - OWASP AppSensor
   - OWASP Seraphimdroid
   - OWASP ZSC Tool

Currently the Mentors and Students are bonding to start coding on

Visit the GSoC 2016 Page
details on the ideas to be worked on for all of these projects!
Do you know SAMM?

OWASP SAMM (Software Assurance Maturity Model) is an open framework to help
organizations formulate and implement a strategy for software security that
is tailored to the specific risks facing the organization. SAMM helps you:

   - Evaluate an organization's existing software security practices
   - Build a balanced software security assurance program in well-defined
   - Demonstrate concrete improvements to a security assurance program
   - Define and measure security-related activities throughout an

The much anticipated SAMM 1.1 was released in March 2016. Read the entire
press release HERE

Last month, contributors from 18 different cities in Belgium, France,
Germany and the United States met in New York, NY for the second annual
SAMM summit. The SAMM contributors, led by Seba Deleersnyder and Bart De
Win reviewed the 1.1 release, outlined improvements for the in-process 1.2
release (expected release date - June 2016), and created the roadmap for
SAMM 2.0 (expected release date - June 2017).

Are you ready to get involved? The SAMM team collaborates virtually every
2nd Wednesday of the month. Call details and minutes/agenda from previous
calls can be found on the Community tab
of the project webpage.

If you are unable to participate in the meetings, but still want to support
SAMM, you can allocate a portion of your individual membership
fees to the project or make a donation here

Companies and other organizations who wish to support this project,
please CONTACT
for additional information and options.
New Incubator Projects

   - OWASP Secure Headers Project
   - OWASP DefectDojo Project
   - OWASP Malware Scanner Project
   - OWASP Basic Expression %26 Lexicon Variation Algorithms (BELVA) Project
   - OWASP Malware Scanner Project
   - OWASP Top 10 fuer Entwickler Project

Project Releases: OWASP HTML Sanitizer Release 20160413.1

The OWASP HTML Sanitizer
is a fast and easy to configure HTML Sanitizer written in Java which lets
you include HTML authored by third-parties in your web application in a
safe fashion.

You can find the latest release HERE

[image: Conference]
*OWASP Events*
[image: AppSecEU] World Class Training Available In Italy

We have asked students who have attended OWASP Training how we could
improve the training portion of our Global AppSec Events. The response is
always *PROVIDE MORE TRAINING!* To answer this, AppSec Europe in Rome,
Italy will host an unprecedented 14 different training classes over three
days. There are 1 day, 2 day, and now 3 day classes available.

Space for the classes is extremely limited so be sure to sign up early

Details can be found on the Conference program pages.
OWASP Project Summit EU 2016

We are excited to announce the Project Summit EU 2016. OWASP is providing a
platform for two full days prior to the APPSEC EU activities. An open forum
setting for ideas, innovations, gain contributors and share feedback for
projects to advance to the next level.

This year the project summit will include the opportunity to work on some
of the hot topics and initiatives being discussed with OWASP. Please give
us your feedback on which of the following topics you’d like to see
discussed at the summit:

   - Gaming OWASP projects and badges
   - OWASP code project bug bounties
   - Bringing OWASP documentation projects into github/markdown & sharing
   - Use this opportunity to demo your project to others at the summit,
   promote for sponsorship, gain feedback, or simply brainstorm some ideas and
   add a few features.

Let's make this a success!

Details can be found HERE

Sign Up HERE

Deadline to sign up is May 12th
AppSecEU University Challenge

The University Challenge is a competition among teams comprised of
university students that will be held on June 28th and 29th 2016, during
the training days of the conference. There is no admission fee for the
University Challenge - participation in the conference is possible at the
student rate if applicable. This years UC is a two stage challenge:

Day 1: Capture The Flag (CtF), solving hacking challenges.

Day 2: Offense/Defense (Blue/Red Team), defending your vulnerable web
application whilst attacking the application of the other teams.

This year the OWASP University Challenge will be limited to 10 teams. Teams
will consist of 4-8 students, with one team per university. All team
openings are on a first come first serve basis. If multiple teams are
received from the same university the second team will be put on a wait


Please register your time via this link (Google web form):
[image: AppSecUSA2015_banner 2]

*Registration, Call for Papers and Call for Training is Open for AppSecUSA
2016 Conference in Washington, D.C. Submit your application today!*

The Open Web Application Security Project’s 13th Annual AppSecUSA
Conference will take place in Washington, D.C. fromOctober 11-14. There are
four exciting ways to participate!

   - *Register*
   an attendee and learn about the latest breakthroughs in application security
   - *Speak*
   a cutting edge topic in the industry. Submit a speaking application today
   - *Teach*
   a web application security topic that is important to you. Submit a teacher
   training application
   - *Lightning Talk*
   *.* Not ready to speak for a full hour but would like to share your
   knowledge? Apply to be a Lightning Talk speaker and give a brief 15 minute

See you in Washington, D.C.!

OWASP is a non-profit organization with the mission of making application
security visible so individuals can make informed risk decisions.

Global AppSec Events

AppSec Europe 2016
27 June - 1 July, 2016, Rome, Italy.

AppSec USA 2016
11 October - 14 October 2016, Washington, DC
Local and Regional Events

AppSec ASIA 2016
May 19, 2016 - May 22, 2016, Wuhan, China
AppSec PH 2016, August 26, 2016 - August 28, 2016, Philippines
Project Summits

OWASP Europe Project Summit 2016
June 27-July 1, 2016, Rome, Italy
Partner and Promotional Events Cyber Security Summit Dallas
May 3, 2016, Omni Dallas Hotel Dallas, TX, USA

13th Annual CISO Europe Summit & Roundtable 2016
May 10 - May 13, 2016, Copenhagen Marriott, Denmark. OWASP members save 20%
by registering with your OWASP email address and discount code: OWASP2016

ISC(2) Secure Zurich
May 19, 2016, Zurich. OWASP members save 10% off the published price of
EUR99 by using discount code ISC2ZURSOWASP

ISSA-LA Security Summit
May 19 - May 20, 2016, Universal City, CA

May 23 - May 25, 2016, Hotel Monteleone, New Orleans, LA

Info Security Conference
May 24, 2016, Singapore. OWASP member save 15%

ISC(2) Secure Scandinavia
May 26, 2016, Scandinavia. OWASP member save 10% by using discount code:

Hack in the Box
May 26-27, 2016, Amsterdam, The Netherlands

SC Congress Toronto
June 1, 2016 - June 2, 2016, Metro Convention Center Toronto, CN. Register
today for an exclusive OWASP Member discount of $125. Full Conference pass
sells for $350 Use the discount code - OWASPMEM

Techno Security & Forensics Investigations Conference / Mobile Forensics
June 5 - June 8, 2016, Myrtle Beach, SC, OWASP Members save 30% by using
your @owasp email address and discount code: OWASP16

DevTalks 2016
June 9, 2016, Bucharest

(ISC)2 Secure France
June 22, 2016, France

Cyber Security Summit DC/Metro
Virginia, June 30, 2016, The Ritz-Carlton, Tysons Corner. OWASP member save
50% by using discount code: OWASPEXEC

Secure Austria
June 30, 2016, T-Center, Austria. OWASP member save 10% by using discount

ICCS 2016
July 25 - July 28, 2016, Fordham University at Lincoln Center, New York, NY

Black Hat USA 2016
July 30 - August 4, 2016, Las Vegas, NV. OWASP Members save $200 off a
Briefings pass by using your @owasp email address and discount code OWa16us

August 1 - August 4, 2016, New York, NY

BSides Las Vegas
August 2 - August 3, 2016, Las Vegas, NV

ICCS 2016
August 13 - August 14, 2016, Rajasthan, India

Cyber Security Summit Chicago
August 25, 2016, Hyatt Regency Chicago. OWASP member save 50% by using
discount code: OWASPEXEC

September 14 - September 16, 2016, Boca Beach Club, Boca Raton, FL

Cyber Security Summit New York
September 21, 2016, Grand Hyatt New York

(ISC)2 Security Congress EMEA 2016
October 18-19, 2016, Croke Park Stadium Dublin, Ireland

Cyber Security Summit Los Angeles
October 27, 2016, Fairmount Miramar Hotel. OWASP member save 50% by using
discount code: OWASPEXEC

(ISC)2 Secure Dubai
November 22, 2016, Dubai

(ISC)2 Secure London
December 6, 2016, London
Ads are not endorsements and reflect the messages of the advertiser
only.They represent co-marketing arrangements
with other organizations in support of the OWASP Community.   CLICK HERE
for more information on advertising.
[image: nowsecure]
[image: chapters]
*OWASP Chapters*
New Chapters

   - Punjab, India: Ramandeep Singh (ramandeep.singh at owasp.org), leader

   - Riviera Maya, Mexico: Paulino Calderon (Paulino.Calderon at owasp.org),

   - PONDICHERRY: Sriram Shyam (Sriram.Shyam at owasp.org), leader

   - Jodhpur, India: Lucky Sen (Lucky.Sen at owasp.org) leader

   - Richmond, VA, USA: Susanna Bezold (Susanna.Bezold at owasp.org), leader


   - Curitiba: Marcos Machado (Marcos.Machado at owasp.org), leader

   - Edmonton, Canada: Mark Gordon (Mark.Gordon at owasp.org), leader

   - Nashville, TN, USA: New Chapter leader James Briggs (
   James.Briggs at owasp.org), leader

   - Saudi Arabia: Yaser Alosefer (Yaser.Alosefer at owasp.org), leader

   - UW Bothell Student Chapter: Cody Burkard (Cody.Burkard at owasp.org),
   leader https://www.owasp.org/index.php/UW_Bothell

Learn more about our Student Chapters
and Academic Supporter programs.

*Share Your Stories!*

We at the OWASP Global Foundation are looking forward to hearing about more
such events in future. Share your chapter's successes! Submit your stories
to support at owasp.org

OWASP Membership is a great way to contribute to our local chapters and
projects. A portion of your membership can be allocated to the chapter
and/or project of your choice. Please show your support for OWASP Projects
and Chapters by becoming an Individual or Corporate member today!
[image: Membership]
*OWASP Membership*
Renewed Corporate Members

   - Blackhat USA
   - NetSuite
   - Trustwave
   - Security Innovation
   - Gotham Digital Science
   - FICO
   - Software Improvement Group
   - Cigital
   - Rakuten

New Contributing Corporate Members

   - NowSecure
   - Oracle
   - Schuberg Philis
   - Sooryen

[image: Social Media]
*OWASP Social Media*
OWASP Social Media Site

   - OWASP YouTube Channel
   - LinkedIn
   - Twitter
   - Google +
   - Facebook
   - Ning
   - StackOverflow
   - GitHub
   - Trello
   - Slack

Click to view this email in a browser

If you no longer wish to receive these emails, please reply to this message
with "Unsubscribe" in the subject line or simply click on the following
link: Unsubscribe <http://cts.vresp.com/u?bf9bfcb139/d1c8dfd3bd/mlpftw>
The OWASP Foundation
1200-C Agora Drive
Bel Air, Maryland 21014
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20160516/b38605f7/attachment-0001.html>

More information about the OWASP-Columbia mailing list