[Owasp-leaders] OWASP Appsec Tutorial Series - Be part of the next episode!!

Jerry Hoff jerry at owasp.org
Sat Nov 12 14:39:08 EST 2011

Hi Folks,

Just a quick update on the tutorial series.  First of all, the numbers
are pretty staggering on the youtube channel:

OATS episode #1: Introduction - over 15 thousand hits
OATS episode #2: SQL Injection - over 14 thousand hits
OATS episode #3: XSS - nearing 16 thousand hits

Total Channel Views:  46,700

On top of that, the channel now has almost 1,000 subscribers!

Hopefully, you see the value in this series progressing, and I want to
really push this project into overdrive.   OWASP's mission is to make
AppSec visible, and it looks like the tutorial series is doing its part
at getting the word out.

Moving forward, I've decided to divide  the series into three main

- Introductory (like the previous 3 episodes)
    The intro series will target developers and others who are trying to
get a grasp on the basics of application security. 
    The introductory series will cover all of the top 10 and other
essential concepts

- Advanced (or "current topics")
    This series is geared towards the average OWASP member. 
    First episode in this branch is NOW UNDERWAY.  The topic is HSTS
(HTTP Strict Transport Security)

- OWASP Projects
    This series will highlight some of the amazing projects that are
underway at OWASP
    First episode will be Simon's Zed Attack Proxy.
    Other requested projects: O2 (will probably require 2-3 episodes),
CSRFGuard, ESAPI (2-3 episodes), Antisamy

The problem is each episode currently takes about 30-40 hours of work. 
So I'm on the lookout for others in the OWASP community who want to
pitch in.  Right now I really need technical script reviewers.  Michael
Coates has volunteered and is reviewing the HSTS script right now, and
I'd like a few other HSTS experts to read and give their opinion as well.

Furthermore, if anyone is interested in animation, sound syncing, sound
mixing, and animation timing, please let me know.  Or if you know of
people who would do this commercially (hopefully at a discounted rate),
please let me know their names as well. 

Let's get this project moving again and use it to showcase all the
AMAZING work that comes out of OWASP.  Every developer in the world
should at least *know* of OWASP.  We can do this!!

Please contact me: jerry at owasp.org ... I'll set up a webex in early
December with a more formal game plan for all volunteers.

Thank you Folks!
Jerry Hoff

More information about the OWASP-Leaders mailing list