Dinis Cruz Blog

A personal blog about: transforming Web Application Security into an 'Application Visibility' engine, the OWASP O2 Platform, Application/Data interoperability and a lot more

Pages

  • Home
  • AppSec Presentations
  • OWASP O2 Platform
  • Real-Time Vulnerability Feedback in VisualStudio
  • About

Friday, 12 November 2010

Amazing coverage of OWASP Projects

I just wrote the following email and it struck me the variety of OWASP projects and the potential that they have:

--------------

On OWASP here are a couple things you might find interresting:
  • AppSec DC conference that just finished yesterday in DC 
  • List of the 16 OWASP Conferences in 2010 (with links to its websites/webpages)
  • A review of the EU Conference
  • Full List of OWASP Projects , and here are a couple that you should also check out:
    • OWASP Legal Project
    • Software Assurance Maturity Model
    • OWASP Application Security Verification Standard Project
    • OWASP Enterprise Security API (ESAPI) Project
    • Security Ecosystem Project
    • OWASP Security Spending Benchmarks
    • OWASP Cloud ‐ 10 Project
    • OWASP Positive Security Project
    • OWASP Secure Web Application Framework Manifesto
    • OWASP Web Application Scanner Specification Project
    • OWASP Application Security Metrics Project
    • OWASP PCI Project (still early days)

Finally if you want to see a great presentation and positioning, please take the time to see this video from David Rice (Geekonomics Author doing a Keynote presentation at OWASP AppSec USA) . Here are another 26 videos from this conference

Posted by diniscruz at 11:30
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Newer Post Older Post Home

Search

Labels

AngularJS (32) AppSensor (1) ASP.NET MVC (5) Atom (1) Azure (13) BBC (1) BDD (2) Book (22) BSIMM (3) Cassini (1) CatNet (17) Checkmarx (18) Chrome (11) Code Cafe (1) Code Club (5) Code Coverage (1) CodingLab (4) Coffee-Script (1) Company Tips (1) Contract Work (10) CSharp (1) DefCon (9) Design (16) Development (8) Diagram (1) Down memory lane (1) Eclipse (37) Education (6) ESAPI (4) ESTAPI (5) Exploits (1) Firebase (7) FluentNode (4) FluentSharp (22) Football (1) Fortify (8) Frameworks (3) Funny (2) Future Self (3) Fuzzing (6) FxCop (1) Gamification (3) GenerationZ (6) Git (38) GitHub (40) Google (13) Graphs (1) Groovy (8) Half-baked Idea (16) HTML 5 (1) IBM (30) Ideas (1) IKVM (1) Jade (1) Java (27) Javascript (3) JIRA (5) JIRA Book (5) Jni4Net (15) Job Oportunity (4) JRebel (4) JsTestDriver (2) JustCode (5) Karma Point (1) Karma Points (1) KarmaJS (7) Kernel (1) Lambda (1) LeanPub (19) Learn-to-Code (4) Linux (3) Live Writer (6) London (3) Markdown (3) Mass Assignment (2) Maths (1) MediaWiki (1) Minecraft (3) Misc (1) Mobile Security (1) MVC (4) NCrunch (8) NDepend (3) NGit (5) NodeJS (12) NuGet (5) NUnit (11) O2 (1) O2 Platform (226) O2 Platform Tool (25) O2 Script (2) O2Platform (14) Open Source (1) OS-Summit (1) OSx (6) OunceLabs (13) OWASP (99) OWASP MIA (14) Owasp Summit (23) Patterns (1) PCI (1) PDFs (17) Philosophy (78) PhotoBox Group (3) Portugal (1) PostSharp (1) Presentation (20) Privacy (2) Quality (9) Question (5) Rant (32) Raspberry PI (2) RazorSharp (4) REPL (55) REST (7) RfP (2) RISK (1) Roslyn (14) Sandboxing (2) SAST (31) SecDevOps (62) Security (71) Security as BRAKES (1) Security as TAX (24) Security Champions (7) Security Innovation (4) Selenium (10) Services (5) Simple Microsoft (5) Simplicity (1) Software Quality (24) Sport (1) Spring Framework (17) TeamCity (9) TeamMentor (238) TeamMentor Content (1) TeamMentor Security (14) Testing (13) Threat Modeling (4) To add to O2 (6) To Read (9) Tools (41) Training (1) Trillions (6) Unit Tests (17) UnitTests (2) Video (23) Visualization (10) VisualStudio (30) WAF (2) Wardley_Maps (2) WatiN (13) WebGoat .NET (2) WebStorm (4) WinAPI (25) Windows 8 (5) Wish lists (1) WPF (3) xkcd (1) XmlDecoder (5) XStream (4)

Subscribe using RSS

Posts
Atom
Posts
Comments
Atom
Comments

Blog Archive

  • ►  2018 (11)
    • ►  December (3)
    • ►  October (3)
    • ►  June (2)
    • ►  March (2)
    • ►  February (1)
  • ►  2017 (29)
    • ►  December (1)
    • ►  October (1)
    • ►  June (3)
    • ►  May (17)
    • ►  April (7)
  • ►  2016 (141)
    • ►  December (19)
    • ►  November (20)
    • ►  October (46)
    • ►  September (13)
    • ►  June (9)
    • ►  May (7)
    • ►  April (4)
    • ►  March (6)
    • ►  February (14)
    • ►  January (3)
  • ►  2015 (33)
    • ►  December (4)
    • ►  November (2)
    • ►  October (3)
    • ►  July (2)
    • ►  June (3)
    • ►  May (9)
    • ►  April (2)
    • ►  February (1)
    • ►  January (7)
  • ►  2014 (92)
    • ►  December (3)
    • ►  November (5)
    • ►  September (2)
    • ►  August (9)
    • ►  July (7)
    • ►  June (2)
    • ►  May (7)
    • ►  April (6)
    • ►  March (18)
    • ►  February (16)
    • ►  January (17)
  • ►  2013 (368)
    • ►  December (26)
    • ►  November (12)
    • ►  October (4)
    • ►  September (24)
    • ►  August (21)
    • ►  July (11)
    • ►  June (45)
    • ►  May (47)
    • ►  April (39)
    • ►  March (53)
    • ►  February (20)
    • ►  January (66)
  • ►  2012 (426)
    • ►  December (56)
    • ►  November (74)
    • ►  October (105)
    • ►  September (14)
    • ►  August (8)
    • ►  July (4)
    • ►  June (31)
    • ►  May (53)
    • ►  April (76)
    • ►  March (4)
    • ►  January (1)
  • ►  2011 (71)
    • ►  December (1)
    • ►  November (13)
    • ►  October (11)
    • ►  August (4)
    • ►  July (21)
    • ►  June (5)
    • ►  May (4)
    • ►  April (1)
    • ►  March (4)
    • ►  February (6)
    • ►  January (1)
  • ▼  2010 (65)
    • ▼  November (8)
      • Mapping Altoro Mutual 'Vulnerable-by-Design' web a...
      • O2 Platform Videos (Nov 2010)
      • Poll: "What do you think the future of software se...
      • OWASP CALL FOR TRAINERS!
      • O2 Platform presentation
      • Starting an OWASP Chapter
      • Amazing coverage of OWASP Projects
      • OWASP and certifications
    • ►  October (15)
    • ►  September (3)
    • ►  August (2)
    • ►  July (6)
    • ►  June (10)
    • ►  May (4)
    • ►  January (17)
  • ►  2009 (46)
    • ►  December (7)
    • ►  November (11)
    • ►  September (16)
    • ►  August (6)
    • ►  July (1)
    • ►  June (2)
    • ►  May (1)
    • ►  January (2)
  • ►  2008 (7)
    • ►  December (2)
    • ►  November (1)
    • ►  September (4)

Popular Posts

  • Using AngularJS in Eclipse, Part 1) The Basics
    This is the first of four posts on how to run (inside Eclipse) the examples provided in  AngularJS 's home page: Using AngularJS in Ec...
  • New design for o2platform blog and links to post categories
    UPDATE: See also  New design for this blog I just spent some time at the O2 Blog where I selected a new theme and categorized all 80 p...
  • Installing Gradle on OSX
    Gradle is a build automation solution which can be downloaded from  http://www.gradle.org/downloads  and is an really powerful 'Groovy ...
  • Setting up a Minecraft server in Azure (for use at weekly CodeClub session)
    For almost one year, I've been doing a weekly CodeClub  session at one of my kids schools, and sometimes at a local restaurant (see here...
  • Using AngularJS in Eclipse, Part 2) Add Some Control
    This is the second of four posts on how to run (inside Eclipse) the examples provided in  AngularJS 's home page: Using AngularJS in E...
  • C# example of using Firebase REST API
    Once I got my head around how Firebase worked (see here multiple Firebase related posts ), my next step was to figure out a way to send dat...
  • Bypassing asp.net request validation detection, but it is a vulnerability?
    Defence in Depth is a good strategy, specially since part of its core principles is the idea that some of the security measures applied wil...
  • XStream "Remote Code Execution" exploit on code from "Standard way to serialize and deserialize Objects with XStream" article
    At the DefCon 2013 I co-presented (with Abraham and Alvaro ) the  "RESTing On Your Laurels will Get YOu Pwned" , which showed a n...
  • Alternatives to IE WebBrowser Control in .NET
    UPDATE (Jun/13) : see  When the best way to automate Chrome is to use ... Chrome (with examples on Google search, direct AngularJS scope ma...
  • Using XMLDecoder to execute server-side Java Code on an Restlet application (i.e. Remote Command Execution)
    At the  DefCon REST Presentation  we did last week (see slides here ), after the  Neo4J CSRF payload to start processes (calc and nc) on the...
Copyright Creative Commons. Picture Window theme. Theme images by mammuth. Powered by Blogger.