[Owasp-ireland] Fwd:OWASP Connector April 2017

pendo19 at gmail.com pendo19 at gmail.com
Mon May 29 14:37:47 UTC 2017

http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/38f1b3842c FOLLOW US

http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/5c526d4c37    -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/f3dd3fc584    -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/5d856ce052    -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/3c4b6da433    -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/82b2d73023    -
Mon, May 29, 2017  -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/d59ef11bdc   -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/9134da3c3f OWASP CONNECTOR    Change to the Global Board of Directors

Johanna Curiel -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/c7aba9d82b  has stepped down from her position on the Global Board of Directors.
Following precedent, Martin Knobloch -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/c748b204cb , who received the next highest vote count -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/2a28205b97 , was raised to the OWASP Board of Directors -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/a7b777f3e7  and the board will hold a vote for positions on the board.

Operations Update

The May Operations Update -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/562cae0830  includes vital information about OWASP's infrastructure initiatives,
project activity, and Chapters. Read it for an overview of what is
happening in OWASP.

2017 Global Board of Directors Election

The Call for Candidates for the Global Board of Directors ​is now
open! The OWASP Global Board of Directors is an all-volunteer board
dedicated to the organizational mission which directs the strategic
direction of OWASP. This year there are 4 open positions for the
board. Due to a vote on February 8th, 2017 - link  which mandated
that no board member may serve more than 2 2-year terms in a 10 year
period there will be no incumbent board member up for election. To
learn more about the Election and to submit your candidacy, please

OWASP in the News   OWASP top ten - Boring Security That Pays Off -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/f621b47e12  Malwarebytes Blog, May 4, 2017 Which of the OWASP Top 10 Caused the
World's Biggest Data Breaches? -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/b2a09fbbd2  Snyk Blog, May 10, 2017 A Modern Villain -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/f6b67bce30  Healthcare Informatics Institute, May 19, 2017 You Could Be
WannaCry's Next Victim, So Be Prepared -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/b57102b4f4  Malaysian Digest, May 23, 2017    OWASP Code Sprint '17


The OWASP Code Sprint 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/507f598735  is a program that aims to provide incentives for students to
contribute to OWASP projects. By participating in the OWASP Code
Sprint 2017 a student can get real-life experience contributing to an
open source project. A student who successfully completes the program
will receive in total $1500. You can read more on the Code Sprint
2017 wiki page -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/3a10c17014 .

How it works

Any code/tool project can participate in the OWASP Code Sprint. Each
project will be guided by an OWASP mentor. Students are evaluated in
the middle and at the end of the coding period, based on success
criteria identified at the beginning of the project. Successful
students will receive $750 after each evaluation, a total of $1500
per student.


Project Summit Belfast Recap

OWASP had another successful project summit at AppSec Europe Belfast.
The Project Summit is a combination project working session and
program improvement session for OWASP Projects. In addition to
presenting their projects -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/2fa1493792/usp=sharing  to the summit, the leaders discussed ways for their projects to
collaborate and there was a proposal from one leader to combine two
existing projects with some additional work into a new third project.
Project leaders were very excited about up coming improvements to
OWASP and Projects, including Discourse, Project Handbook changes and
gamification options that will be soon available.

In addition to focusing on programmatic changes and their projects,
leaders and other community members came together to review seven
applications for projects wishing to graduate to the next level of
project maturity.

If you would like to attend the next AppSec Project Summit -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/8c5e59cee3 , see the below for details.

Sign Up for the AppSec USA Project Summit!


The AppSec USA Project summit is now accepting participants -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/e462be3f1f/usp=sharing  and suggestions for our Hot Topics. Project Summits at Global events
include working sessions that allow project leaders and contributors
to work together face to face in an intense and productive
environment to move their projects forward. This is a great
opportunity for local contributors or those attending the conference
to become more deeply involved in OWASP Projects. Qualifying Project
Leaders can receive grants to cover their attendance at the event.

Requirements for Participation:

Active OWASP Project started in the last 9 months. Complete and
updated wiki page with a clear roadmap. Agenda and Deliverables for
your project at the summit are required. Deadline on September 5th!

Funding Opportunities: (through the Reimbursement Process)

$750.00 for Air Travel Assistance per OWASP Project Two Nights of
accommodations for the days of the Project Summit USA OWASP Project
Leaders (three leader max) receive a complimentary pass for AppSec
USA 2017.

Please use the Contact Us form -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/2f683d8866  for any questions or concerns.

Contacts at OWASP Foundation: Matt Tesauro -
Mailto:matt.tesauro at owasp.org  and Claudia Aviles Casanovas -
Mailto:Claudia.aviles-casanovas at owasp.org .

OWASP Top 10 Release Candidate

The OWASP Top 10 Release Candidate -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/077b81bfa5  is now available for comment. Each edition of the OWASP Top 10
enters this phase of the project with plenty of controversy and this
year is no different. You can still join the Top 10 Mailing List -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/52c19f1c49  to contribute your thoughts or read OWASP's Sr. Project Coordinator,
Matt Tesauro's thoughts -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/252db6cde0  on the topic.

Ads are not endorsements and reflect the messages of the advertiser
only. They represent co-marketing arrangements with other
organizations in
support of the OWASP Community.  CLICK HERE -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/a38ee2a4bf  for more information on Advertising.
AppSec USA Second Round CfP


The AppSec USA Call for Presentations Round Two will be opened for
two weeks starting on May 30th, 2017. Applications will be accepted
until June 15th and applicants will be notified of their success
shortly thereafter. Papers that did not make it in round one will
need to reapply for round two as applications will not be forwarded
automatically to the next round.

2017 OWASP Summit; The Woodstock of AppSec

The OWASP Summit in London -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/850ca751ad  will be the largest concentration of AppSec and Security talent
focused on solving problems in 2017. A 5-day, high-energy experience,
the summit will allow attendees to work and collaborate intensively.
Our villa set up means that you will have the opportunity to develop
projects in our 10 tracks nearly around the clock!

In order to attract as much talent as possible to the Summit, tickets
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/4c755f5a4c  were kept at a low price. A 5x 8h daily ticket costs £400 (i.e.
without accommodation) and a 5x 24h daily ticket costs £1,200 (i.e.
with 4-night accommodation), with a 10% discount (for 5 to 9 tickets)
and a 20% discount (for 10+ tickets). 1x daily 8h tickets are also
available at £100 and 24h tickets at £300.

Learn more -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/32882b89ca  about your opportunity to bring your team to 2017's biggest AppSec
output focused event.

AppSec USA Sponsorships Nearly Sold Out


There are only a few remaining sponsorships -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/f8c6c8f55f/TheOWASPFoundation/f451e8fadb/TEST/f537c66b11  left for AppSec USA. The expo floor plan designed to maximize foot
traffic to YOUR booth, you can be assured that you will maximize lead
generation activities. Additionally, the planning team has several
events planned to encourage a family friendly atmosphere to drive
attendance numbers skyrocketing upwards, and what better place than
Walt Disney World?

The vendor booths are located in high track areas so that you can be
assured to get the attention of more than 1,000 security decision
makers, influencers, and practitioners in the community. This is the
opportunity for your company to recruit, generate business,and share
ideas. Grab your booth today -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/132c8187d4/TheOWASPFoundation/f451e8fadb/TEST/f537c66b11  before space runs out.

Please contact Kelly Santalucia -
MAilto:http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/1bc55b6996  for more information on how your company can participate!

AppSec Europe Wrap Up

AppSec Europe brought the craic this year! From the first ever
outreach event to 200 teens to Keynotes packed with attendees, to
nearly a dozen supplementary events, the conference was an
unqualified success. Many thanks to the AppSec Eu Team, Gary Robison,
Michelle Simson, Owen Pendlebury, Martin Knobloch, Erlend Oftedal,
David Mathy, Mark Miller, Siobhan Gallagher, and Fiona Collins! You
can read Owen Pendlebury's account -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/e908b8dfb6  of the event on the OWASP Blog and soon, watch all of the talks on
the OWASP YouTube Channel.

AppSec Europe Developer Summit

Johanna Curiel hosted an interactive all day hands-on session on Day
1. A total of 16 people attended to learn about "Reverse Engineering
Android Apps with Bytecodeviewer."

Our Day 2 morning session topic was ​"​Automating On-Deploy
Security Testing* of web applications with ZAP and Jen​"​ hosted
by Spyros Gasteratos. We had 21 people attend this session.

And last by certainly not least, our Day 2 afternoon session was
hosted by Nicole Becher amd Mordecai Kraushar​. This session drew a
total of 20 attendees who were eager to learn about "Attacking your
web app."

This was by far our biggest DevSummit attendee turnout to date! We
are looking forward to doubling our DevSummit attendee numbers for
our upcoming AppSec USA 2017 event in September!

Upcoming Events    Global AppSec Events   AppSec USA 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/0438a975a0   September 19-22, 2017; Orlando, Florida, USA   Regional and Local
Events   OWASP Sibiu Event  June 8, 2017; Sibiu, Romania New York
Metro Joint Cyber Security Conference -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/68a7a94d44   October 5, 2017; New York City, NY, USA OWASP Bucharest AppSec
Conference 2017  October 6, 2017; Bucharest, Romania OWASP AppSec
Africa 2018  May 10-12, 2018; Morocco   Project Summits   OWASP
Summit 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/76c1d95655   June 12-16, 2017; London, UK   Partner and Promotional Events  
(ISC)2 Secure Summit Nordics -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/2f0a5720f6   May 31-June 1, 2017; Stockholm, Sweden IoT Tech Expo Europe 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/bdfee332b2   June 1-2, 2017; Berlin, Germany Techno Security & Digital Forensics
Conference -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/0f7a547e36   June 4-7, 2017; Myrtle Beach, SC, USA (OWASP members save 30% by
using discount code: OWASP17) Cyber Resilience Summit: Measuring and
Managing Software Risk, Security and Technical Debt -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/0d6129e263   June 6, 2017; Brussels, Belgium BSides London 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/cbf4d13a08   June 7, 2017; London, UK SANS Cyber Talent Fair -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/cad0c6ee44   June 7, 2017; Virtual GOTO Amsterdam 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/44436cd562/eventOID=7991   June 12-14, 2017; Amsterdam, Netherlands (OWASP members save 10% by
using discount code: owasp17) SC Congress Toronto -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/89476676fa   June 13-14, 2017; Toronto, Canada Borderless Cyber USA -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/8eb68dd2d1   June 21-22, 2017; New York City, NY, USA (OWASP members save
$100.00 by using discount code: OWASP) (ISC)2 Secure Summit DACH -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/9eda6b1b02   June 27-28, 2017; ZÜrich, Switzerland BlackHat USA 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/36fd6999c3   July 22-27, 2017; Las Vegas, NV, USA (OWASP members save $200 off
Briefings by using discount code: OWASP17) (ISC)2 Secure Johannesburg
2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/936d4d7984   October 5, 2017; Johannesburg, South Africa ISACA Ireland
Conference 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/e3b80cdeae   October 20, 2017; Ireland IoT Tech Expo North America -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/21ec21e3ea   November 29-30, 2017; Santa Clara, CA, USA                 -->     
  Chapter Leader Workshop

Before every Global AppSec Event we host a Leaders' Workshop. These
workshops serve to allow the foundation staff (and board) to hear
from Chapter and Project Leaders and to catch them up on big
occurrences in the OWASP Foundation. This year there was an unusually
large portion of the meeting dedicated to sharing information from
the Foundation.

The OWASP Staff have been analyzing the Foundation's technical debt
and engaged in deep listening activities to understand how to
prioritize our actions. This activity has led to the staff
prioritizing 4 large changes to our structure: The Website Reboot,
the AMS update, a new system for mailing lists, and a volunteer
management program. These new systems will bring more insight and
control to Project and Chapter Leaders.

The Leaders' Workshop is recapped in three blog posts: OWASP Leaders'
Workshop Pt 1: 4 Major Changes and Leader Insight and Control -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/f94e5dd41d , about the 4 major updates; OWASP Code Sprint 2017 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/698288843d , answering the question about the code sprint; and Chapter Questions
from the LW, discussing the other two questions leaders brought up:
(1)Discussion on move from 2 to 4 meetings per year, (2)What does the
foundation look at when judging if an event can be charged for or
not? The final blog post is not yet up.

We have also confirmed that future Leaders' Workshops will attempt to
include the webinar platform so that Leaders who are not attending
the event can still participate in the meeting.

Welcome New Chapters

Albany -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/389f1ee136  Hokushinetsu -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/4269157e8a  Sofia -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/cd7ee59bc4  Kyiv -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/684893a881  Akita -

May 2017 Corporate Members  -

May 2017 Corporate Members

We would like to thank the following companies for supporting the
OWASP Foundation.

The companies listed below have contributed this month by either
renewing their existing

Corporate Membership or joining OWASP as a new Corporate Member.

Details about Corporate Membership can be found  -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/59af7bcb9a here.

Premier Corporate Member

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of
cloud-based security and compliance solutions with over 8,800
customers in more than 100 countries, including a majority of each of
the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and
integrated suite of solutions help organizations simplify security
operations and lower the cost of compliance by delivering critical
security intelligence on demand and automating the full spectrum of
auditing, compliance and protection for IT systems and web
applications. Founded in 1999, Qualys has established strategic
partnerships with leading managed service providers and consulting
organizations including Accenture, BT, Cognizant Technology
Solutions, Dell SecureWorks, Fujitsu, HCL Comnet, Infosys, NTT,
Optiv, Tata Communications, Verizon and Wipro. The company is also a
founding member of the Cloud Security Alliance (CSA). For more
information, please visit www.qualys.com. Qualys, the Qualys logo and
QualysGuard are proprietary trademarks of Qualys, Inc. All other
products or names may be trademarks of their respective companies.
For more information, please visit
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/80d69ad3c6 -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/489cb7e1e9 .

Contributor Corporate Members


Oracle is shifting the complexity from IT, moving it out of the
enterprise by engineering hardware and software to work together--in
the cloud and in the data center. By eliminating complexity and
simplifying IT, Oracle enables its customers--400,000 of them in more
than 145 countries around the world--to accelerate innovation and
create added value for their customers. By engineering out the
complexity that stifles business innovation, Oracle is engineering in
speed, reliability, security, and manageability. The result is
best-in-class products throughout an integrated stack of hardware and
software, with every layer designed and engineered to work together
according to open industry standards. Oracle's complete, open, and
integrated solutions offer extreme performance at the lowest
cost--all from a single vendor. Encompassing every phase of the
product development lifecycle, Oracle Software Security Assurance is
Oracle's methodology for building security into the design, build,
testing, and maintenance of its products. Oracle's goal is to ensure
that Oracle's products, as well as the customer systems that leverage
those products, remain as secure as possible. For more information,
please visit

Rakuten, Inc. and its consolidated subsidiaries and affiliates
("Rakuten Group") are full-line Internet services companies. Since
its founding in 1997, Rakuten, Inc. ("Rakuten") has spent a decade
evolving its business model centered on e-commerce, to create a
market completely new to Japan. The Rakuten Group is focusing on two
approaches in particular to target growth in the decade to come. The
first is to empower people and society through continuous innovation
and business operation based on our five concepts of success. The
second is to establish a "Rakuten eco-system" which enables us to
maximize our customers lifetime value and leverage synergies. Guided
by the key phrase "more than Web", the Rakuten Group is taking on the
challenge of creating new value by driving convergence between the
Internet and traditional "bricks and mortar" businesses. For more
information, please visit


Want your company name here?

Find out how by visiting our  -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/ea3b409e1f/TheOWASPFoundation/815d9458a9/TEST/76ee715527 Corporate Member information page, or contact Kelly Santalucia -
kelly.santalucia at owasp.org , our Membership & Business Liaison today!

Thank you to all of our  -
http://cts.vresp.com/c/?TheOWASPFoundation/a6cf2b52a7/0a86f0b8bf/cb0a8c3750/TheOWASPFoundation/815d9458a9/TEST/5c9c3d45ce Premier and Contributor Corporate Members for your support!

The OWASP Foundation, 1200C Agora Drive #232, Bel Air, Maryland,
21014, USA

Click to view this email in a browser

Unsubscribe Info: This email was forwarded to you by
pendo19 at gmail.com. This action did not cause your email address to be
added to any mailing lists. You will not receive any future emails
unless you choose to subscribe to the list by clicking the opt-in
link at the top of this email.

This message was sent by The OWASP Foundation

The OWASP Foundation
1200-C Agora Drive
Bel Air, Maryland 21014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ireland/attachments/20170529/43213d28/attachment-0001.html>

More information about the Owasp-ireland mailing list