[Owasp-leaders] Security Playbooks Track and request for anonymised data

Dinis Cruz dinis.cruz at owasp.org
Sun May 14 00:23:58 UTC 2017


Hi fellow Owasp Leader, after a conversation with Ante Gulam
<http://owaspsummit.org/website/participants.html> about *Security
Playbooks*, I had the real-world experience of needing them in multiple
occasions this week.

Since I was not able to find good resources online that I could easily use,
I realised that the Summit presented a great opportunity to create a set of
Security Playbooks in standard formats that could be used by the
Owasp/Security community.

After some research, I created the Security Playbooks
<http://owaspsummit.org/Working-Sessions/Security-Playbooks/> Track with
these Working Sessions:

   - AppSec Review and Pentest Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Pentest-Playbook.html>
   - Security Playbooks Diagrams
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Security-Playbooks-Diagrams.html>
   - Bug Bounty Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Bug-Bounty-Playbook.html>
   - Create Jira Workflows for Security Playbooks
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Create-Jira-Workflows-for-Security-Playbooks.html>
   - DoS Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/DoS-Playbook.html>
   - Due Diligence Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Due-Diligence-Playbook.html>
   - Incident Response Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Incident-Response-Playbook.html>
   - Media Handling Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Media-Handling-Playbook.html>
   - Playbooks vs Handbooks
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Playbooks-vs-Handbooks.html>
   - Ransomware Playbook
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Ransomware-Playbook.html>
   - Security Monitoring Playbooks
   <http://owaspsummit.org/Working-Sessions/Security-Playbooks/Security-Monitoring-Playbooks.html>

*If you already have Security Playbooks at your company* (or similar
documents/diagrams/workflows) *please submit them in an anonymised format
with an OpenSource/CC license* (so that it can be used by the Working
Sessions)

Remember that significant work and collaboration should occur before the
Summit (i.e. between now and the 12th of June). It would be amazing if some
of the Working Sessions listed above had its tasks completed before the
Summit!

For example, we can start working and collaborating asap on the Security
Playbooks Diagrams
<http://owaspsummit.org/Working-Sessions/Security-Playbooks/Security-Playbooks-Diagrams.html>
.

Do you have Playbook Diagrams that you can share? (pictures of
whiteboard-based diagrams will be a great place to start)

Thanks for your help

Dinis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170514/9822b4cc/attachment-0001.html>


More information about the OWASP-Leaders mailing list