[OWASP-Columbia] OWASP Connector November 2017

Frank Catucci frank.catucci at owasp.org
Mon Nov 27 19:13:21 UTC 2017


> 
>      
>  
> 	
> FOLLOW US
> 
>            
> 
>   COMMUNICATIONS |  PROJECTS |  EVENTS |  CHAPTERS |  MEMBERSHIP  	
> 
> Mon, November 27, 2017		
> OWASP CONNECTOR
>  	
> 
> Welcome New Board Members!
> 
> We are glad to welcome Chenxi Wang, Owen Pendlebury, Sherif Mansour and  Greg Anderson to the OWASP Board of Directors.  You can read more about the election, including the full results on the OWASP Blog.  
> Welcome Karen Staley OWASP's New Executive Director
> Please join the Board of Directors in welcoming Karen Staley to the OWASP Foundation as the new Executive Director.  Karen joins us from her prior position as the Senior Vice President of the IAAPA EMEA, based out of Brussels Belgium.  In this role, she lead, directed, and managed all aspects of the association for 1,370 members across Europe, the Middle East, and Africa, working to develop and efficiently manage a $5M annual budget.  She has managed strategic business planning including the development of future growth and revenue models and overseen brand development, sponsorship, and overall communication strategy for the organization.  She speaks English, German, and French and the Board is delighted that she has decided to join OWASP.   Her international nonprofit leadership experience will be a huge benefit to the organization.
> 
> Throughout the interview process, Karen impressed us all with her tremendous amounts of experience.  When asked about many of the situations OWASP has been faced with in the past, Karen put forward a calm and rational strategy for resolution.  She'll be the first to admit that she is less experienced with information security topics, but she has shown an extreme passion for OWASP's mission and a strong desire to take the OWASP Foundation to the next level.
> 
> Over the past couple of weeks, Karen has been working with the OWASP Staff in order facilitate Matt Tesauro's transition and to understand the roles and responsibilities of our other Staff.  She has also reached out to several OWASP Leaders to better understand the challenges they face, and, with the full support of the Board, she will continue to work with all of OWASP's stakeholders to formulate a strategy on the next iteration of OWASP. 
> 
> OWASP is an incredible organization full of some of the smartest and most dedicated people in the open web security community, who are bound together by a singular mission to educate the world on the importance of application security.  In Karen, the Board believes we have found an experienced, global, leader who can make us all more successful in accomplishing that mission.  Please join us in welcoming Karen Staley as the OWASP Foundation's new Executive Director.
> 
> See you Later Matt!
> 
> We are sad to share that Matt Tesauro has moved on from OWASP to new challenges.  
> 
> Matt has been an active community member and Project Leader for over 9 years--including a stint as OWASP Board Member 2011-2012 and a staff member since July of 2016.  While we are sad to lose Matt as a staff member, we hope to see him prosper in his new position as a Senior AppSec Engineer at Duo Security and look forward to collaborating with him for many years as an OWASP Project Leader and community member.  
> 
> See you later Matt!
> 
> OWASP in the News
> New OWASP Top 10 List Includes Three New Web Vulns DarkReading; November 21, 2017
> OWASP vulnerability chart suggests web app devs are not smelling the security coffee SC Media; November 24, 2017
> The OWASP Top 10 is killing me, and killing you! Hewett Packard Enteprise Blog; October 26, 2017
>  
> 
> Ads are not endorsements and reflect the messages of the advertiser only. They represent co-marketing arrangements with other organizations in
> support of the OWASP Community.  CLICK HERE for more information on Advertising.
> 
>  	
> 
> OWASP Code Sprint '17
> 
> 
> This year OWASP hosted the OWASP Code Sprint to encourage thirteen university students from all over the world to dedicate time to improve open source security with paid internships for working on OWASP Projects.  The sprint is over and you can read the results on the OWASP Blog!
> 
> The OWASP Top 10 - 2017 is OUT
> The final release of the 2017 OWASP Top 10 is now availible.  This year saw major changes to the Top 10 including the removal of CSRF and the addition of an entirely new  item.  You can read all about the new Top 10 and the process for develping in the blog post written for us by Project lead Brian Glas.
> 
> OWASP Project Releases
> 
> 
> Tool Projects:
> 
> OWASP Zed Attack Proxy
> 
> Release w2017-11-20
> 
> https://github.com/zaproxy/zaproxy/releases/tag/w2017-11-20
> 
> OWASP OWTF
> 
> Release MacinOWTF
> 
> OWASP Dependency Check
> Release v3.0.2
> OWASP Security Shepherd
> Release 3.0
>  
> Documentation Projects:
> OWASP Top Ten Project
> Release 2017-RC2
>  
> 
>  
> Tool Projects
> O-Saft
> Release Version 17.09.17
> OWASP DefectDojo Project
> Release version 1.24
>  
> 
> 
> 						
> 
> 						New OWASP Projects:
> OWASP Risk Rating Management
> OWASP DevSlop Project
> OWASP SecurityRAT Project
> OWASP Cyber Defense Matrix
> OWASP Top 5 Machine Learning Risks
> OWASP Security Operations Center SOC Framework Project
> 
> 
> 
> 
>   CLICK HERE for more information on Advertising.
>  	
> 
> Apply to train or to talk at AppSec Europe 2018!
>  
> We are glad to announce that the 2018 AppSec Europe Call for Papers and Call for Training is now open.
>  
> This year the special theme of OWASP AppSec Europe is: Usable Security.  We ask for you to think about how security is affected by the human aspects of users, developers and administrators? How do we design, deploy and manage a security system so that it will be used consistently and properly? What lessons can we learn from past success (or not-exactly-success...) stories in which the human factor played a major role?
>  
> Topics of interest include, but are not limited to:
> Novel web vulnerabilities and countermeasures
> New technologies, paradigms, tools
> OWASP tools or projects in practice
> Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
> Browser security
> Mobile security and security for the mobile web
> Cloud security
> REST/SOAP security
> Security of frameworks
> Large-scale security assessments of web applications and services
> Privacy risks in the web and the cloud
> Management topics in Application Security: Business Risks, Awareness Programs, Project Management, Managing SDLC
> To ensure the best talks available are presented at AppSec Europe blind reading is being incorporated as part of their process. This means that names and job titles will be removed when the paper abstract is being reviewed. All speakers will be given access to speaker mentorship. 
>  
> The submission deadline is January 5, 2018. Please submit your proposal through EasyChair and encourage those you want to learn from in hands on training sessions or 45 min. talks to apply as well.
> Apply Today
> 
> Upcoming Events
>  
> AppSec Europe 2018 — June 17–21, 2018; Tel Aviv, Israel
> AppSec USA  — Fall 2018; San Jose, CA, USA
> Regional and Local Events
> AppSec California 2018 — January 28–31, 2018; Santa Monica, CA, USA
> OWASP New Zealand Day 2018 — Feburary 4–8, 2018; Aukland University, New Zealand
> SnowFROC2018 — March 8, 2018; Denver, CO, USA
> OWASP AppSec Africa 2018 — May 10–12, 2018; Morocco
> SuperSec — May 11, 2018; Spain
> LASCON2018 — September 23–26, 2018; Austin, TX, USA
> Partner and Promotional Events
> IoT Tech Expo North America — November 29-30, 2017; Santa Clara, CA, USA
> Black Hat Europe 2017— December 4-7, 2017; London, UK
> SANS CyberTalent Fair— December 7, 2017; Bethesda, MD, USA
> ICCS 2018 — January 8-11, 2018; New York, NY, USA
> DevSecCon Singapore — February 22-23, 2018; Singapore
> 
>   	
> 
> Is MeetUp Pro Right for Your Chapter?
> If you are a Chapter using MeetUp, you should make sure that you are on the OWASP MeetUp Pro account.  The MeetUp pro account saves your chapter's budget the cost of a MeetUp account and saves you the trouble of going through reimbursment.  Being on the Foundation MeetUp pro account also gives you higer visiblity when people do searches for OWASP Meetings on MeetUp--especially for folks who may be traveling and willing to speak at your chapter.  
> 
> If you do not have a MeetUp account and live in an area where MeetUp is widely used, please consider using MeetUp as a tool to reach out to people in your community you might otherwise miss.  Read more about the Foundation's MeetUp Pro account on the Chapter FAQ.  If you are interested in joining us, use the Contact Us form to make the request. 
> 
>  
> The OWASP Foundation, 1200C Agora Drive #232, Bel Air, Maryland, 21014, USA
> 
> 
> 
> Click to view this email in a browser 
> 
> If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
> 
> Click here to forward this email to a friend
> 
> The OWASP Foundation
> 1200-C Agora Drive
> #232
> Bel Air, Maryland 21014
> US
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-columbia/attachments/20171127/cfc2ca49/attachment-0001.html>


More information about the OWASP-Columbia mailing list