[Owasp-leaders] Summit 2011/OWASP Secure Coding Workshop

Anthony Cheuk Tung, LAI, CSSLP, CISSP anthonylai at owasp.org
Tue Dec 14 10:19:30 EST 2010


Hi all,

If I would like to plan and attend to secure coding working session, what
could I need to do?

Regards,
Anthony Lai
Hong Kong Chapter

On Tue, Dec 14, 2010 at 6:54 PM, dinis cruz <dinis.cruz at owasp.org> wrote:

> Just renamed the thread so we can continue here
>
> The first pass at this Working Session Summit page is here :
> http://www.owasp.org/index.php/Summit_2011/OWASP_Secure_Coding_Workshop (still
> lots to do, but it is a good start)
>
> There are also individual WIKI pages for each session which you will need
> to update with the session's: Name, Objectives, Deliverables, Owner(s) and
> Members/Attendees
>
>    - Applying ESAPI Input Validation
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session025
>    - Defining AppSensor Sensors :
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session026
>    - Managing Sessions:
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session027
>    - Protecting Information Stored Client-Side
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session028
>    - Protecting Against CSRF
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session029
>    - Providing Access to Persisted Data
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session030
>    - The Future of "No Fluff" Secure Coding Workshop
>    http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session031
>
> All pages above are created using MediaWiki templates (just follow the
> instructions on the edit page) and its contents is also used to populate
> this page http://www.owasp.org/index.php/Summit_2011#tab=Working_Sessions
>
> <http://www.owasp.org/index.php/Summit_2011/OWASP_Secure_Coding_Workshop>Sarah
> Baso is your main point of contract for any issues or requests with this
> page (she is a MediaWiki Wizard and is using O2 to edit it :)  )
>
> Please get these mappings done as soon as possible so that we can announce
> this track to our community (this is a track that has a lot of potential to
> bring developers to the Summit)
>
> Dan, part of the reason why we will only do the final schedule at a later
> date, is to be able to accommodate (as much as possible) the participants
> need/desire to attend multiple tracks (we will do our best :)  )
>
> Dinis Cruz
>
>
> On 14 December 2010 04:54, Dan Cornell <dan at denimgroup.com> wrote:
>
>> (added a couple of individuals to this list to hopefully make sure
>> everyone from both this email and the similar thread on "Creating OWASP 4.0"
>> gets the email)
>>
>>
>> > 5 Protecting against CSRF                 ????????
>> >     * Hygiene
>> >        * Discuss/show Frames-busting, cross-domain policy,
>> >        * Discuss referrer and other red herrings
>> >     * Tokens (crafting, scoping, and checking)
>> >     * Discussions, techniques on scale
>> >     * Discussions, techniques on CAPTCHA, re-auth, etc.
>> >
>>
>>
>> I'd be happy to take this one on.  I'll need to make sure my facilitator
>> duties would be compatible with other commitments during the Summit, but
>> assuming that is the case I'd be happy to referee the discussion and help
>> bang out some code.
>>
>> Thanks,
>>
>> Dan
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Regards,
Anthony LAI
Founder & Security Researcher
Valkyrie-X Security Research Group
"Offensive . Creative . Fun"

     __  _
      .-.'  `; `-._  __  _
     (_,         .-:'  `; `-._
   ,'o"(        (_,           )
  (__,-'      ,'o"(            )>
     (       (__,-'            )
      `-'._.--._(             )
         |||  |||`-'._.--._.-'
                    |||  |||
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101214/b3abfada/attachment.html 


More information about the OWASP-Leaders mailing list