OWASP Newsletter 10

''Sent to owasp-all mailing list on ?? May 2007''

OWASP Newsletter #10 (10-Jul-2007)
Welcome to the 10th OWASP Newsletter covering:
 * The OWASP Moderated AppSec News Feed
 * (Past) OWASP on the Move Events
 * What's happening online at OWASP and in your chapters?
 * OWASP references in the Media

Don't by shy to put YOUR stuff in the next OWASP Newsletter 11.

regards,

Sebastien Deleersnyder Belgium/Luxemburg OWASP Chapter board member

Featured Item: The OWASP Moderated AppSec News Feed
This news feed is moderated by OWASP and will feature high-quality posts focused on application security that advance the field, provide useful insight, or are useful educational resources. The OWASP Moderated AppSec News Feed

(Past) OWASP on the Move Events
The [OWASP On the Move] page allows you to find:
 * In Turkey Dinis will talk about OWASP World (tools, documents, projects,etc..)
 * In Belgium Ivan Ristic and Dinis Cruz came to the chapter meeting (sponsored by F5 Networks locally).
 * OWASP speakers to entertain OWASP presentations and that want to see the world
 * Local chapters or application security events that want to attract an OWASP speaker
 * OWASP sponsors that want to support spreading the OWASP message== Featured Project: tbd ==

Latest additions to the WIKI

 * Cross-Site Request Forgery
 * 7th OWASP AppSec Conference - San Jose 2007
 * OWASP Code Review Guide Table of Contents
 * First sweep of the code base
 * Category:OWASP Web 2.0 Project
 * Category:How To
 * Java Server Faces
 * OWASP Spring Of Code 2007 Project Management
 * Resource Injection
 * Repudiation Attack
 * Top 10 2007-Injection Flaws
 * Wiki sandbox
 * IPhone
 * WSS
 * Category:OWASP .NET Project
 * Template:Jobs Board
 * Introduction
 * DN BOFinder
 * Category:OWASP Web Application Security Put Into Practice
 * Cross Site Scripting
 * CSRF Guard
 * Top 10 2007-Cross Site Request Forgery
 * Category:OWASP DirBuster Project
 * Appendix A: Testing Tools
 * OWASP Code Review Guide Table of Contents
 * Top 10 2007-Insecure Cryptographic Storage
 * Cryptography
 * Top 10 2007-Broken Authentication and Session Management
 * Avoiding SQL Injection
 * Reviewing Code for SQL Injection
 * Testing for SQL Injection
 * Top 10 2007-Injection Flaws
 * Guide to SQL Injection
 * Top 10 2007-Cross Site Scripting
 * Category:OWASP Cookies Database
 * Category:OWASP CLASP Project
 * Category:OWASP Oracle Project
 * OWASP on the Move
 * Reviewing Cryptographic Code
 * Category:OWASP XML Security Gateway Evaluation Criteria Project Latest

Updated chapterpages
Updated chapter pages:
 * Boston
 * Turkey
 * Denver
 * Spain
 * Phoenix/Tools
 * Taiwan OWASP 2007
 * Virginia (Northern Virginia)
 * Houston
 * Belgium
 * Boulder
 * NYNJMetro
 * Toronto
 * France
 * Minneapolis St Paul

New Documents & Presentations from chapters
For a complete list of chapter presentations see the online table of presentations.

OWASP Community
OWASP and WASC have joined together to host a combined meetup at Blackhat USA 2007 in Las Vegas on Aug 1 from 8-9:30 at the Shadow Bar. Breach Security has stepped forward to sponsor the event. Please download the invite and RSVP. Come and join us for a drink and meet other like minded people from the industry. NOTE: Those who have already RSVPed need not to RSVP again.

OWASP references in the Media

 * tbd