OWASP Newsletter 8

''Sent to owasp-all mailing list on ?? Mar 2007''

OWASP Newsletter #7 (?-Mar-2007)
Welcome to the 8th OWASP Newsletter, featuring the OWASP Spring Of Code 2007, details on the 6th AppSec Conference and the Category:OWASP Code Review Project seeking for volunteers.

We now also scan blogs for OWASP references: spread the story!

If you have any content to add to the next edition, feel free to add it directly to its WIKI page (OWASP Newsletter 9).

Sebastien Deleersnyder

Belgium Chapter Leader

Featured Item: OWASP Spring Of Code 2007
Following the success of last year's Autumn of Code (AoC 06) we are are now launching the OWASP Spring of Code 2007 (SpoC 007) with more budget, more energy and more expectations :) Please submit your OWASP Spring Of Code 2007 Applications online!

Featured Item: Milan (Italy) Conference Agenda details!
Join us for our 6th AppSec Conference May 15-17 in Milan, Italy. Microsoft will be presenting "The Benefits of the SDL initiative to Microsoft and its Customers" and there will be expert talks on Web Services Security, Securing AJAX, the Microsoft Secure Development Lifecycle, all the new OWASP projects, and much more.

Featured Project: Category:OWASP Code Review Project
The OWASP Code Review project was concieved by Eoin Keary the OWASP Ireland Founder and Chapter Lead. We are actively seeking techies to add new sections as new web technologies emerge. Need help on this one, don't be shy, all help appreciated.

View the OWASP Code Review Project Roadmap.

Featured Project: Category:OWASP WeBekci Project
WeBekci is a web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. It will remove management overhead of ModSecurity 2.x. You can configure modsecurity.conf, add special rules and watch system, apache and modsecurity logs (only guardianlog has been implemented in this version).

New Pages

 * ‎Denver February 2007 meeting
 * ‎6th OWASP AppSec Conference - Italy 2007/Agenda
 * ‎Comprehensive list of Threats to Authentication Procedures and Data
 * ‎WebScarab SSL Certificates

Updated pages
Updated chapter pages:
 * Taiwan
 * Phoenix
 * New Jersey
 * Switzerland
 * OWASP Community
 * Greece
 * Belgium
 * Denver
 * Washington DC
 * Boston
 * London
 * Virginia (Northern Virginia)
 * San Francisco
 * SoCal

Other pages:
 * OWASP Spring Of Code 2007 Applications
 * Testing for Directory Traversal
 * Testing for Session Management Schema
 * OWASP Education Presentation‎
 * Phishing
 * Comprehensive list of Threats to Authentication Procedures and Data
 * Authentication Error‎
 * Category:OWASP Interceptor Project
 * Category:OWASProfiler Project
 * OWASP AppSec Conference Sponsors
 * Category:OWASP WebGoat Project
 * Fuzzing
 * Category:OWASP WeBekci Project
 * Main Page
 * Category:OWASP AJAX Security Project
 * OWASP Code Review Guide Table of Contents
 * Java Security Frameworks
 * OWASP Java Table of Contents
 * PDF Attack Filter for Apache mod rewrite
 * Member Offers
 * Data Validation
 * OWASP Application Security FAQ
 * Phoenix/Tools
 * OWASP Tiger

New Documents & Presentations from chapters
For a complete list of chapter presentations see the online table of presentations.

Latest Blog entries

 * Lists of tools for VMWare box
 * Today mantra

OWASP Community

 * May 15 (18:00h) - Rochester chapter meeting
 * May 10 (18:00h) - Belgium chapter meeting
 * May 9 (18:00h) - Toronto chapter meeting
 * May 9 (18:00h) - Ottawa Chapter Meeting 
 * May 8 (18:00h) - Washington DC (N. VA) chapter meeting
 * May 2 (18:30h) - Boston chapter meeting
 * May 1 (18:00h) - Melbourne chapter meeting
 * May 21 (14:00h) - 2nd OWASP Israel mini conference
 * Apr 26 (17:00h) - Switzerland chapter meeting and "Swiss Security Dinner"
 * Apr 20 (19:00h) - Hong Kong chapter meeting - Objectives for 2007
 * Apr 17 (18:00h) - Rochester chapter meeting
 * Apr 12 (18:00h) - Netherlands chapter meeting
 * Apr 11 (18:00h) - Toronto chapter meeting
 * Apr 10 (18:00h) - Washington DC (N. VA) chapter meeting
 * Apr 4 (18:30h) - Boston chapter meeting
 * Apr 3 (18:00h) - Melbourne chapter meeting
 * Mar 30 - [| Italy@Master in Security at "La Sapienza"]

OWASP references in the Media / Blogs

 * SANS Launches Security Certification for Programmers
 * Web Application Remediation - OWASP San Antonio Meeting Tomorrow
 * OWASP Meeting and “Swiss Security Dinner”
 * OWASP Testing Guide 2.0
 * OWASP Spring of Code 2007
 * JBroFuzz 0.5 from OWASP - Stateless Network Protocol Fuzzer
 * OWASP AppSec Conference - Italy 2007
 * WhiteHat Security Chief Technology Officer Jeremiah Grossman To Present at OWASP New York/New Jersey Meeting
 * Security's New School