[OCC] Topics for IBSIG presentation

Justin Clarke justin.clarke at owasp.org
Wed Feb 24 07:01:45 EST 2010


As mentioned, I'm giving a presentation to the London IBSIG, which is an industry group attended by senior IT Risk and CISO's from across the large Investment Banks in London. The agreed topic was something similar to "The five best/top things that OWASP has/provides/released/projects you may not know about".  Essentially the drive is to point out the things that may be very interesting to this vertical (and especially this very influential, but not necessarily involved in the detail or technical audience) that they probably aren't aware OWASP has done/released.

My initial ideas are :-
OpenSAMM - maturity assessment, useful framework for visualising progress etc etc
ESAPI - potential basis for an internal "Secure API"
Education committee outputs - a lot of material that could form a useful basis for internal security training
OWASP Guides - secure dev, code review, testing

Any others I should especially mention? I'm not wedded to 5, but I don't want to present any more than that. Also, the ecosystems push that is kicking off is very interesting, but is vapourware at the moment - I'd like anything I mention to be something that is already substantial.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-connections-committee/attachments/20100224/f1201078/attachment.html 

More information about the Owasp-connections-committee mailing list