[Owasp-leaders] OWASP Top 10 in Web Apps Development Course

Bhupal Sapkota bhupal.sapkota at owasp.org
Fri Feb 8 08:35:01 UTC 2013


Thank you all for ideas / suggestions.
Tom, I'll update slides on our chapter page.

Next, after classes I'm planning to invite web companies in Kathmandu on
workshop or training
where we could talk about OWASP Projects. While attending AppSecAPAC, Jeju,
my main focus will be on understanding different OWASP Projects and finding
way to bring them in practice here in Nepal.

---
Regards,
Bhupal Sapkota

Chapter Lead, OWASP Nepal
Chief Technology Officer, Semicolon Developers Network Pvt. Ltd.
P.O.Box. 9018, Ph. +977-1-5520471, Kathmandu, Nepal


On Thu, Feb 7, 2013 at 9:00 PM, Constance Matthews <
cmatthews at microsolved.com> wrote:

>  Good Morning All,
>
> In Columbus Ohio we are working on offering a class to our group: 101 How
> to write secure code.
>
> We polled our membership and they are very excited.  Our goal is to start
> slow, so that we don't over whelm them.  Our thought is to teach them how
> important security is in the beginning stages of the SDLC.  I'm not a
> developer myself, but we have some awesome folks that are volunteering to
> step up and teach the class.
>
> We have some strong interest from schools to be involved in this training
> as well.  Our thought it taking baby steps and begin to lead them down the
> path to writing secure code.
>
> If anyone has done anything like this, we would be open to hear what
> worked and what didn't.
>
> We are super excited to do this.
>
> Thanks,
> Connie
> On 2/7/2013 9:22 AM, psiinon wrote:
>
> Great!
>
> On Thu, Feb 7, 2013 at 2:19 PM, Konstantinos Papapanagiotou <
> Konstantinos at owasp.org> wrote:
>
>> We'll do that in the OWASP Academies initiative.
>>
>>  Kostas
>>
>>
>> On Thu, Feb 7, 2013 at 4:18 PM, psiinon <psiinon at gmail.com> wrote:
>>
>>> It would be great if we could make (and maintain) some recommendations
>>> for OWASP projects suitable for universities.
>>> In time that could grow into suggested course structures, and maybe even
>>> some course notes?
>>> Not sure if it should be a project in its own right or just a set of
>>> wiki pages.
>>>
>>> Simon
>>>
>>>
>>> On Thu, Feb 7, 2013 at 2:15 PM, Konstantinos Papapanagiotou <
>>> Konstantinos at owasp.org> wrote:
>>>
>>>> Indeed! And of course you can use ZAP to try out the Hackademic
>>>> Challenges (http://hackademic1.teilar.gr/) which fit perfectly  in a
>>>> lab-based, university-level course. ;)
>>>>
>>>>  Kostas
>>>>
>>>>
>>>> On Thu, Feb 7, 2013 at 3:59 PM, psiinon <psiinon at gmail.com> wrote:
>>>>
>>>>> Great initiatives - we should definitely be targeting students.
>>>>>
>>>>> <obligatory ZAP promotion>
>>>>> I realise that some people may question the wisdom of teaching
>>>>> 'hacking techniques' to students, but I do think that you need to
>>>>> understand what the bad guys will do in order to build secure applications.
>>>>> And I think ZAP is an ideal tool for students learning about such
>>>>> techniques :)
>>>>> I know of some universities already using it, so if you're interested
>>>>> in including it in some courses then please get in touch with me.
>>>>> And, of course, its also a good project for students to contribute to!
>>>>> </obligatory ZAP promotion>
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Simon
>>>>>
>>>>>
>>>>> On Thu, Feb 7, 2013 at 1:51 PM, Azzeddine Ramrami <
>>>>> azzeddine.ramrami at owasp.org> wrote:
>>>>>
>>>>>>   Hi,
>>>>>>  In my course Writing Java Secure Code I included a full chapter
>>>>>> based on the OWASP TOP 10.
>>>>>>  Thanks.
>>>>>>  Azzeddine
>>>>>>
>>>>>>
>>>>>>  On Thu, Feb 7, 2013 at 2:31 PM, Matt Tesauro <matt.tesauro at owasp.org
>>>>>> > wrote:
>>>>>>
>>>>>>> Awesome.
>>>>>>>
>>>>>>>  Having previously taught a a US university (Texas A&M - whoop!), I
>>>>>>> know the only way any security discussion makes its way into a course is
>>>>>>> the _instructor_ cares and fits it into their course.
>>>>>>>
>>>>>>>  Thanks for catching students early and planting the seed of secure
>>>>>>> development in their early days.
>>>>>>>
>>>>>>> --
>>>>>>> -- Matt Tesauro
>>>>>>> OWASP WTE Project Lead
>>>>>>> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
>>>>>>> http://AppSecLive.org - Community and Download site
>>>>>>>
>>>>>>>
>>>>>>>  On Thu, Feb 7, 2013 at 1:44 AM, Bhupal Sapkota <
>>>>>>> bhupal.sapkota at owasp.org> wrote:
>>>>>>>
>>>>>>>>  Hello Leads,
>>>>>>>>
>>>>>>>>  Wanted to share how we are creating OWASP awareness here in
>>>>>>>> Kathmandu:
>>>>>>>>
>>>>>>>> I recently started teaching Web Application Development
>>>>>>>> (LAMP) course to mass of 40 CS students at two different colleges (20
>>>>>>>> students in each).
>>>>>>>> I've included OWASP Top 10 list as part of syllabus. I am going to
>>>>>>>> teach students how to take preventive measures as a developer/coder.
>>>>>>>>
>>>>>>>>
>>>>>>>>  ---
>>>>>>>>  Regards,
>>>>>>>> Bhupal Sapkota
>>>>>>>>
>>>>>>>> Chapter Lead, OWASP Nepal
>>>>>>>> Chief Technology Officer, Semicolon Developers Network Pvt. Ltd.
>>>>>>>> P.O.Box. 9018, Ph. +977-1-5520471, Kathmandu, Nepal
>>>>>>>>
>>>>>>>>  _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>  --
>>>>>>  Azzeddine RAMRAMI
>>>>>> +33 6 65 48 90 04 <%2B33%206%2065%2048%2090%2004>.
>>>>>> OWASP Leader (Morocco Chapter)
>>>>>> Enterprise Security Architect
>>>>>> Mile2 Senior Master Instructor
>>>>>>  Mozilla Security Projects Mentor
>>>>>>
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>  OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>
>>
>>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> --
> Constance Matthews        cmatthews at microsolved.com
> Account Executive
> Phone: 614. 351.1237 X 206
> Cell: 614.286.2408
> Fax: 512-592-7904
>
> Linked In: www.linkedin.com/in/ConnieMatthews
> PGP Key Available by Request
> MicroSolved is security expertise you can trust!
>
> HoneyPoint Security Server
> Attackers get stung, instead of you!http://www.microsolved.com/honeypoint
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130208/72170bb2/attachment-0001.html>


More information about the OWASP-Leaders mailing list