[Owasp-leaders] Which OWASP Projects to highlight and talk more about?
noreen.whysel at owasp.org
Fri Dec 12 14:39:12 UTC 2014
The OWASP YouTube channel is:
It includes an AppSec Tutorial series. Episode #1: AppSec Basics may be of
interest as an introduction to web application security.
You can also review the OWASP Education Presentation page for additional
The video catalogue is on the OWASP wiki here:
On Thu, Dec 11, 2014 at 11:26 PM, Akash Mahajan <akash.mahajan at owasp.org>
> Just to complete the loop, here is what we are planning to do.
> 1. Talk on Security Architecture and introduction about Break It and Fix
> it by Satish
> 2. Demo + Hands-on on getting started with OWASP BWA by Akash
> Sadly a lot of newer members in our chapter aren't very comfortable with
> Virtual Machines etc. and a lot of them have heard of DVWA, Mutllidae but
> not of Broken Web Apps. So our plan is to get more people attacking the
> practice applications quickly.
> On 12 December 2014 at 09:50, Akash Mahajan <akash.mahajan at owasp.org>
>> Hi Tobias,
>> Thank you for the extensive list of things we can take up.
>> Out of these, I wasn't aware of Cornucopia before. Could you please tell
>> me more how we can use it in a meet? (I was reading about it and it seems
>> like a card game)
>> On 10 December 2014 at 20:52, Tobias <tobias.gondrom at owasp.org> wrote:
>>> Hello Akash,
>>> interesting theme idea Break it & Fix it.
>>> The following is just some of my personal favourites at the moment
>>> within your theme context:
>>> - Top-10 & Top-10 proactive controls
>>> - Mobile Top-10 & Mobile proactive controls
>>> - Personally, I also find worthwhile for "fix it" to look at Secure
>>> Coding best Practices Quick Reference Guide (Oh boy, we really need to come
>>> up with a shorter name for this...)
>>> - And potentially openSAMM as a measure to ramp up your SDLC - again
>>> "fix it".
>>> - and Cornucopia to spice up the threat assessment / requirements
>>> process part...
>>> Just my 2cents.
>>> Best, Tobias
>>> On 09/12/14 13:35, Akash Mahajan wrote:
>>> Hello Folks,
>>> We at OWASP Bangalore are planning on starting new series of sessions
>>> called Break It and Fix It.
>>> The idea for now is to take up Top 10, cover the a vulnerable sample
>>> application show the attack and then talk about ways to fix the code. If
>>> everything goes well we shall start on the 20th of this month.
>>> As part of the recommendations and references at this point what
>>> resources should we be highlighting?
>>> The reason to ask the question is that some of the guides are in the
>>> process of being re-written and there was a discussion about flagship
>>> proects etc.
>>> We have already done extensive coverage of
>>> 1. OWASP ZAP
>>> 2. OWASP Top 10 2010 and 2013
>>> 3. OWASP BWA
>>> 4. OWASP OWTF - Being covered in our meet on the 13th Dec
>>> We would like to do more with
>>> - The new Dev guide
>>> - ASVS Document
>>> Also, this sort of email is better for the chapters list or the leaders
>>> list? I always get confused about that.
>>> Thank you.
>>> Warm regards,
>>> Akash Mahajan
>>> *That Web Application Security Guy* | +91 99 805 271 82
>>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>>> *OWASP Bangalore Chapter Lead | null Community Manager*
>>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>> Warm regards,
>> Akash Mahajan
>> *That Web Application Security Guy* | +91 99 805 271 82
>> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
>> *OWASP Bangalore Chapter Lead | null Community Manager*
> Warm regards,
> Akash Mahajan
> *That Web Application Security Guy* | +91 99 805 271 82
> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
> *OWASP Bangalore Chapter Lead | null Community Manager*
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders