[Owasp-leaders] [balint:6755] Re: Teaching resources

Claudia Casanovas Claudia.Aviles-Casanovas at owasp.org
Wed Apr 25 19:59:33 UTC 2018


Simon,

Please let me know how I can provide assistance.  Would like a wiki to
compile the documentation and/or GitHub?

Claudia Casanovas
Project Coordinator

On Wed, Apr 25, 2018 at 3:24 PM Kim Carter <kim.carter at owasp.org> wrote:

> I have a book series (currently about 800 pages of content) augmented with
> hands-on training workshops that aimed to fill this gap and seems to be
> working out well.
>
> A good percentage of the content is mapped to OWASP material.
>
> In terms of what Simon is mentioning around "wider range of generic
> Application Security Skills and knowledge", that's been the book series
> goal from inception, hence the name "Holistic".
>
> These are a couple of many trainings that have been run based on the books
> curriculum
>
>    - OWASP New Zealand Day at Auckland University
>    <https://binarymist.io/talk/owaspnzday-2018-workshop-building-security-into-your-development-team/>
>    - Christchurch Hacker Con at Canterbury University
>    <https://binarymist.io/talk/chcon-workshop-building-security-into-your-development-team/>
>
> Many others here <https://binarymist.io/talk/>, 90% of which are based on
> the book series. Read online here: holisticinfosecforwebdevelopers.com
> <https://www.holisticinfosecforwebdevelopers.com>
>
> Let me know if this could be of help...
>
>
> Kim Carter
>
> OWASP New Zealand Chapter Leader (Christchurch)
>
> Author of *Holistic Info-Sec for Web Developers*
> <http://www.holisticinfosecforwebdevelopers.com>
>
> c: +64 274 622 607
>
>
>
>
>
>
>
>
>
>
> On 25/04/18 23:15, psiinon wrote:
>
> Very interesting :)
> I dont suppose you have any English resources you can share?
>
> Many thanks,
>
> Simon
>
> On Wed, Apr 25, 2018 at 12:05 PM, Timur 'x' Khrotko [owasp] <
> timur at owasp.org> wrote:
>
>> I've just delivered a full semester of non-technical appsec or rather
>> secdev in a Hungarian university. Approaches, principles, real live cases,
>> ASVS, corporate secdev playbook. May that be interesting.
>>
>> On Wed, 25 Apr 2018 at 12:55, Adrian Winckles <adrian.winckles at owasp.org>
>> wrote:
>>
>>> Thanks Simon
>>>
>>> One of the projects I'd been working on from the Summit last year and
>>> hopefully from teh Summit this year as well (funding pending) was for the
>>> MSc Application Security Curriculum project whicgh  needs more work to look
>>> at the skills and knowledge students should learnt as part of such
>>> qualification, we had an initial attempt at gathering opinions by survey at
>>> the last summit but the majority returned surveys were “lost” before they
>>> were handed over
>>>
>>> My aim would be to produce a wider survey of OWASP trainers and
>>> educational supporters to canvas opinions on a wider range of generic
>>> Application Security Skills and knowledge which would be required from a
>>> MSc curriculum and determining suitable learning objectives to be able to
>>> produce an “open” curriculum for any educational institution or trainer to
>>> use.
>>>
>>> A second and larger part of the work is then to map the knowledge,
>>> skills & learning objectives to OWASP Project materials to help deliver
>>> quality educational experiences to those study Application Security.
>>>
>>> Thanks
>>>
>>> Adrian
>>>
>>> On Wed, Apr 25, 2018 at 11:43 AM, psiinon <psiinon at gmail.com> wrote:
>>>
>>>> Leaders,
>>>>
>>>> I've just started having a conversation with a college lecturer re the
>>>> possibility of a consortium of colleges and universities to work with OWASP
>>>> on creating webappsec teaching resources.
>>>>
>>>> Is anyone else looking at this or interested in getting involved if it
>>>> does happen?
>>>> Leaders of active (and relevant;) projects particularly welcome.
>>>>
>>>> Obviously we have a wealth of raw material, but thats not the same as a
>>>> set of resources that lecturers can easily get started with.
>>>>
>>>> I know theres https://www.owasp.org/index.php/OWASP_Training but thats
>>>> not been updated since 2016 and references several projects that are no
>>>> longer active.
>>>>
>>>> I think that a packaged set of teaching resources that anyone can use
>>>> to help people get started with appsec could be incredibly valuable and
>>>> really help raise awareness in appsec and OWASP.
>>>>
>>>> Let me know what you think,
>>>>
>>>> Simon
>>>>
>>>> --
>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>> This message may contain confidential information - you should handle it
>>> accordingly.
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>> --
>>
>> secmachine․net #wepowersecdev
>>
>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-- 


<https://www.owasp.org/index.php/Main_Page>

*O <https://www.owasp.org/index.php/Main_Page>WASP Foundation
<https://www.owasp.org/index.php/Main_Page>*
Claudia Aviles-Casanovas <claudia.aviles-casanovas at owasp.org>
Project Coordinator
Phone:973-288-1697

*Consider giving back, and supporting the open source community by becoming
a member <https://www.owasp.org/index.php/Membership> or making a donation
<https://www.owasp.org/index.php/Donate> today! *

*Join us at AppSec Eu 2018 <https://2018.appsec.eu/> 2-6 July in London, UK
and at AppSec USA 2018 <https://2018.appsecusa.org/> 8-12 October in San
Jose, CA!*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180425/c26f11f1/attachment-0001.html>


More information about the OWASP-Leaders mailing list