Copyright © 2004 - The OWASP Foundation

Permission is granted to copy, distribute and/or modify this document

under the terms of the GNU Free Documentation License.

The OWASP Foundation

OWASP

http://www.owasp.org

OWASP Update

Sebastien Deleersnyder

CISSP

May, 2006

sdl@ascure.com

OWASP 2

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

OWASP 3

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

OWASP 4

<Sponsor this evening:4Deloitte

<Call for additional sponsors4Chapter meeting places & catering4Support for local projects

<OWASP cannot recommend the use of products, services, or recommend specific companies

Introduction

OWASP 5

Introduction

Program for this evening:<18h30 - 18h45:

Sebastien DeleersnyderOWASP Update

<18h45 - 19h15: Hillar Leoste, Zone-H2005 Internet Attack Statistics for Belgium

<19h15 - 20h30:Johan Peeters, Program Director secappdev.org Can "Agile" Development Produce Secure Applications?

OWASP 6

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

OWASP 7

OWASP

<Open Web Application Security Project

<OWASP is dedicated to finding and fighting the causes of insecure software

<Non-profit, volunteer driven organization4All members are volunteers4All work is donated by sponsors

OWASP 8

OWASP?

<Provide free resources to the community4Publications, Articles, Standards, e.g.

§ OWASP Top 10§ OWASP Guide§ Testing Guide

4Testing and Training Software, e.g.§ WebGoat§ WebScarab§ .NET Projects

4Local Chapters, Mailing Lists & Conferences<Dual license model:

4Open Source Licenses4Commercial License for Members

OWASP 9

OWASP Membership

<Using OWASP material?<Join us and become member!<Enable OWASP to continue to provide unbiased:

4Tools4Documentation4Conferences4Mailing Lists4…

www.owasp.org/about/membership.html

OWASP 10

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

OWASP 11

Belgium Chapter - What do we have to offer?

<Quarterly Meetings<Mailing List<Presentations & Groups<Open forum for discussion<Meet fellow InfoSec professionals<Create (Web)AppSec awareness in Belgium<Local projects?

OWASP 12

Belgium Chapter – House Rules

<Free & open to everyone<Language

4English preferred4Native language: no problem!

<No vendor pitches or $ales presentations<Respect for different opinions<No flaming (including M$ bashing)

<1 CISSP CPE for each hour of OWASP chapter meeting<Sign Sheet & I’ll e-mail scan: you claim CPE credits

OWASP 13

OWASP Local Chapter Meetings 2006

<Next Meetings:4Thursday Sep 14th 2006 - Antwerp4Tuesday Nov 21 2006 - Brussels

<Program:4Short OWASP intro4Presentation on introduction topic4Panel, workshop, round-table, … on more advanced topic

<Topics: 4Call for input!

OWASP 14

Agenda

<Introduction<OWASP<Belgium Chapter<New OWASP Projects

OWASP 15

New OWASP Projects

<OWASP Site Generator4http://owasp.net/forums/428/ShowPost.aspx4http://owasp.net/blogs/dinis_cruz/archive/2006/01/2

5/431.aspx<Testing Project<Previous OWASP chapter reference by Ken

online

OWASP 16

OWASP Conference

<Europe OWASP conference in Belgium!4KUL4May 29: training course Web Application Security /

Web Services Security 4May 30-31: Conference – 2 tracks

OWASP 17

That’s it…

<Any Questions?

http://www.owasp.org/local/belgium.html

sdl@ascure.com

Thank you!

OWASP 18

Subscribe to BE Chapter mailing list

<Keep up to date!<Post your (Web)AppSec questions<Contribute to discussions!