OWASP EU Summit 2008

KEY RESULTS FROM THE OWASP SUMMIT
Key results from the OWASP Summit include:

•	New Free Tools and Guidance - OWASP announced the release of Live CD 2008, many new testing tools, static analysis tools, the Enterprise Security API (ESAPI v1.4), AntiSamy, the Application Security Verification Standard (ASVS), guidance for Ruby on Rails and Classic ASP, international versions of our materials, and much more.

•	New Outreach Programs – OWASP has expanded its outreach efforts by building relationships with technology vendors, framework providers, and standards bodies. In addition, we piloted a new program to provide free one-day seminars at universities and developer conferences worldwide.

•	New Global Committee Structure – OWASP recognized the extraordinary contribution of our most active leaders by engaging them to lead a set of seven new committees. Each democratically established committee will focus on a key function or geographic region, such as OWASP projects, conferences, local chapters, and industry outreach.

TOOLS AND PROJECTS APPROVED OR LAUNCHED DURING THE SUMMIT
OWASP is proud to launch the following new or updated tools:

•	Application Security Verification Standard, Mike Boberski

•	AppSensor, Michael Coates

•	Access Control Rules Tester, Andrew Petukhov

•	AntiSamy .NET, Arshan Dabirsiaghi

•	Application Security Tool Benchmarking Environment and Site Generator refresh, Dmitry Kozlov

•	Code Crawler, Alessio Marziali

•	JSP Testing Tool, Jason Li

•	Live CD 2008, Matt Tesauro

•	OpenPGP Extensions for HTTP – Enigform and mod_openpgp, Arturo ‘Buanzo’

•	Orizon Project, Paolo Perego

•	Python Static Analysis, Georgy Kilmov

•	Skavenger, Matthias Rohr

•	Teachable Static Analysis Workbench, Dmitry Kozlov & Igor Konnov

OWASP is proud to launch the following new or updated documents or resources:
•	Application Security Desk Reference (ASDR), Leonardo Cavallari

•	Backend Security Project, Carlo Pelliccioni

•	Classic ASP Security Project, Juan Carlos Calderon

•	Code review guide, V1.1, Eoin Keary

•	Education Project, Martin Knobloch

•	Internationalization Guidelines – Spanish project, Juan Carlos Calderon

•	Positive Security Project, Eduardo V.C. Neves

•	Ruby on Rails Security Guide V2, Heiko Webers

•	Securing WebGoat using ModSecurity, Stephen Craig Evans

•	Source Code Review Projects, James Walden

•	Testing Guide V3, Matteo Meucci

CODE OF ETHICS
•	Support the implementation of and promote compliance with standards, procedures, controls for application security

•	Have objectivity, due diligence and professional care in accordance with established standards

•	Responsible disclosure

OWASP PRINCIPLES
•	Free & Open

•	Governed by rough consensus & running code

•	Abide by a code of ethics (see ethics)

•	Not-for-profit

•	Not driven by commercial interests

•	Risk based approach

GLOBAL COMMITTEE PAGES
Summit Brochure 6 page brochure or this 33 page brochure.

FORMER AGENDA
Click here to see.

VENUE & TRAVEL ARRANGEMENTS
The OWASP European Summit 2008 will be hosted at the 5 start Resort in Algarve Portugal (Grande Real Santa Eulália Resort & Hotel). We suggest the hotel booking and the travel arrangements be handled via Diplomata Tours, the assigned travel agency.

The venue address:

Praia de Santa Eulália

PO Box 2445

Albufeira, Portugal

8200-916

Google Maps Link

Nearest Airport: Faro

U.S. Absentee Voting Information
U.S. citizens attending the Summit on 4 November (Election Day) may vote absentee. You may find the information you need here, here or here, or on your home state/territory or foreign embassy/consulate web site. These links are provided for your information only; OWASP does not endorse any political party, candidate, etc. and is not able to provide you with instructions or assistance in voting or registering.