[Owasp-leaders] OWASP Top 10 in Web Apps Development Course

Constance Matthews cmatthews at microsolved.com
Thu Feb 7 15:15:05 UTC 2013


Good Morning All,

In Columbus Ohio we are working on offering a class to our group: 101 
How to write secure code.

We polled our membership and they are very excited.  Our goal is to 
start slow, so that we don't over whelm them.  Our thought is to teach 
them how important security is in the beginning stages of the SDLC.  I'm 
not a developer myself, but we have some awesome folks that are 
volunteering to step up and teach the class.

We have some strong interest from schools to be involved in this 
training as well.  Our thought it taking baby steps and begin to lead 
them down the path to writing secure code.

If anyone has done anything like this, we would be open to hear what 
worked and what didn't.

We are super excited to do this.

Thanks,
Connie
On 2/7/2013 9:22 AM, psiinon wrote:
> Great!
>
> On Thu, Feb 7, 2013 at 2:19 PM, Konstantinos Papapanagiotou 
> <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>> wrote:
>
>     We'll do that in the OWASP Academies initiative.
>
>     Kostas
>
>
>     On Thu, Feb 7, 2013 at 4:18 PM, psiinon <psiinon at gmail.com
>     <mailto:psiinon at gmail.com>> wrote:
>
>         It would be great if we could make (and maintain) some
>         recommendations for OWASP projects suitable for universities.
>         In time that could grow into suggested course structures, and
>         maybe even some course notes?
>         Not sure if it should be a project in its own right or just a
>         set of wiki pages.
>
>         Simon
>
>
>         On Thu, Feb 7, 2013 at 2:15 PM, Konstantinos Papapanagiotou
>         <Konstantinos at owasp.org <mailto:Konstantinos at owasp.org>> wrote:
>
>             Indeed! And of course you can use ZAP to try out the
>             Hackademic Challenges (http://hackademic1.teilar.gr/)
>             which fit perfectly  in a lab-based, university-level
>             course. ;)
>
>             Kostas
>
>
>             On Thu, Feb 7, 2013 at 3:59 PM, psiinon <psiinon at gmail.com
>             <mailto:psiinon at gmail.com>> wrote:
>
>                 Great initiatives - we should definitely be targeting
>                 students.
>
>                 <obligatory ZAP promotion>
>                 I realise that some people may question the wisdom of
>                 teaching 'hacking techniques' to students, but I do
>                 think that you need to understand what the bad guys
>                 will do in order to build secure applications.
>                 And I think ZAP is an ideal tool for students learning
>                 about such techniques :)
>                 I know of some universities already using it, so if
>                 you're interested in including it in some courses then
>                 please get in touch with me.
>                 And, of course, its also a good project for students
>                 to contribute to!
>                 </obligatory ZAP promotion>
>
>                 Cheers,
>
>                 Simon
>
>
>                 On Thu, Feb 7, 2013 at 1:51 PM, Azzeddine Ramrami
>                 <azzeddine.ramrami at owasp.org
>                 <mailto:azzeddine.ramrami at owasp.org>> wrote:
>
>                     Hi,
>                     In my course Writing Java Secure Code I included a
>                     full chapter based on the OWASP TOP 10.
>                     Thanks.
>                     Azzeddine
>
>
>                     On Thu, Feb 7, 2013 at 2:31 PM, Matt Tesauro
>                     <matt.tesauro at owasp.org
>                     <mailto:matt.tesauro at owasp.org>> wrote:
>
>                         Awesome.
>
>                         Having previously taught a a US university
>                         (Texas A&M - whoop!), I know the only way any
>                         security discussion makes its way into a
>                         course is the _instructor_ cares and fits it
>                         into their course.
>
>                         Thanks for catching students early and
>                         planting the seed of secure development in
>                         their early days.
>
>                         --
>                         -- Matt Tesauro
>                         OWASP WTE Project Lead
>                         http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
>                         http://AppSecLive.org - Community and Download
>                         site
>
>
>                         On Thu, Feb 7, 2013 at 1:44 AM, Bhupal Sapkota
>                         <bhupal.sapkota at owasp.org
>                         <mailto:bhupal.sapkota at owasp.org>> wrote:
>
>                             Hello Leads,
>
>                             Wanted to share how we are creating OWASP
>                             awareness here in Kathmandu:
>
>                             I recently started teaching Web
>                             Application Development (LAMP) course to
>                             mass of 40 CS students at two different
>                             colleges (20 students in each).
>                             I've included OWASP Top 10 list as part of
>                             syllabus. I am going to teach students how
>                             to take preventive measures as a
>                             developer/coder.
>
>
>                             ---
>                             Regards,
>                             Bhupal Sapkota
>
>                             Chapter Lead, OWASP Nepal
>                             Chief Technology Officer, Semicolon
>                             Developers Network Pvt. Ltd.
>                             P.O.Box. 9018, Ph. +977-1-5520471
>                             <tel:%2B977-1-5520471>, Kathmandu, Nepal
>
>                             _______________________________________________
>                             OWASP-Leaders mailing list
>                             OWASP-Leaders at lists.owasp.org
>                             <mailto:OWASP-Leaders at lists.owasp.org>
>                             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>                         _______________________________________________
>                         OWASP-Leaders mailing list
>                         OWASP-Leaders at lists.owasp.org
>                         <mailto:OWASP-Leaders at lists.owasp.org>
>                         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>                     -- 
>                     Azzeddine RAMRAMI
>                     +33 6 65 48 90 04 <tel:%2B33%206%2065%2048%2090%2004>.
>                     OWASP Leader (Morocco Chapter)
>                     Enterprise Security Architect
>                     Mile2 Senior Master Instructor
>                     Mozilla Security Projects Mentor
>
>                     _______________________________________________
>                     OWASP-Leaders mailing list
>                     OWASP-Leaders at lists.owasp.org
>                     <mailto:OWASP-Leaders at lists.owasp.org>
>                     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>                 -- 
>                 OWASP ZAP <https://www.owasp.org/index.php/ZAP>
>                 Project leader
>
>                 _______________________________________________
>                 OWASP-Leaders mailing list
>                 OWASP-Leaders at lists.owasp.org
>                 <mailto:OWASP-Leaders at lists.owasp.org>
>                 https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>
>         -- 
>         OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
>
>
>
> -- 
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-- 
Constance Matthews        cmatthews at microsolved.com
Account Executive
Phone: 614. 351.1237 X 206
Cell: 614.286.2408
Fax: 512-592-7904

Linked In: www.linkedin.com/in/ConnieMatthews
PGP Key Available by Request
MicroSolved is security expertise you can trust!

HoneyPoint Security Server
Attackers get stung, instead of you!
http://www.microsolved.com/honeypoint
  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130207/81d44906/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4488 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130207/81d44906/attachment-0001.bin>


More information about the OWASP-Leaders mailing list