Difference between revisions of "Category:OWASP CBT Project"

From OWASP
Jump to: navigation, search
(Project Downloads)
 
(25 intermediate revisions by one user not shown)
Line 1: Line 1:
==== Main  ====
 
 
 
{| class="FCK__ShowTableBorders" cellspacing="1" cellpadding="1" width="100%" border="0"
 
{| class="FCK__ShowTableBorders" cellspacing="1" cellpadding="1" width="100%" border="0"
 
|-
 
|-
Line 17: Line 15:
 
The goal of this project is to provide computer based training on OWASP security related initiatives. This project is intended to provide increased access of security training material, convenience and flexibility to learners. It will be self-paced and the learning sessions will be available 24x7. Learners will not be bound to a specific day/time to physically attend classes. They can also pause learning sessions at their convenience.  
 
The goal of this project is to provide computer based training on OWASP security related initiatives. This project is intended to provide increased access of security training material, convenience and flexibility to learners. It will be self-paced and the learning sessions will be available 24x7. Learners will not be bound to a specific day/time to physically attend classes. They can also pause learning sessions at their convenience.  
  
In the initial phase of this project we will provide high-level training material for all OWASP projects. On the 2nd phase we plan to provide detail-training material.  
+
The goal of this project is to provide targeted training for application security. PCI training track is an example of this kind of initiative.<br>
<br>
+
* These are the list of topics for PCI training track:
* These are the list of topics:
+
** Application Security Overview
** OWASP Top 10
+
** PCI DSS And PA-DSS Version 2
** ESAPI
+
** Web Basic Concepts
 +
** OWASP Top 10 2010
 +
** CWE/SANS Top 25
 +
** CERT Secure Coding
 +
** Security Scanning
 +
 
 +
* Some of the CBT's and presentation currently available are:
 +
** OWASP Top 10 for 2007 CBT
 +
** W3AF - Security Scanning CBT
 +
** Compliance (PCI DSS and PA-DSS Version 1.1) CBT
 +
** Infrastructure Hardening (PPT)
 +
 
 +
* Some of the topic's that will be covered in future are:
 
** SAMM
 
** SAMM
** ASVS
 
 
** Testing for Security
 
** Testing for Security
 
** Code Review for Security
 
** Code Review for Security
 
** AntiSamy
 
** AntiSamy
 
** Live CD
 
** Live CD
** Compliance (PCI DSS and PA-DSS)
 
 
** WebGoat
 
** WebGoat
 
** WebScarab
 
** WebScarab
** W3AF - Security Scanning
+
 
 
|}
 
|}
  
 
= Project Downloads  =
 
= Project Downloads  =
 +
 +
 +
* PCI Training Presentations Track
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list Application Security Overview]&nbsp;- Security For Managers And Executives Rev 1-0.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list PCI DSS And PA-DSS Version 2 Training ]&nbsp;- PCI DSS And PA-DSS Version 2 Training Rev 1-2.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list OWASP Top 10 2010 Training]&nbsp;- OWASP Top 10 2010 Training Rev 1-1.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list CWE/SANS Top 25 Training]&nbsp;- CWE-SANS Top 25 Training Rev 1-1.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list CERT Secure Coding Training]&nbsp;- CERT Secure Coding Training Rev 1-1.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list Security Scanning Training]&nbsp;- Security Scanning Training Rev 1-0.ppt
 +
**[http://code.google.com/p/owasp-cbt-project/downloads/list Web Basic Concepts Training]&nbsp;- Web Basic Concepts Training Rev 1-0.ppt
 +
  
  
Line 40: Line 59:
 
**[http://code.google.com/p/owasp-cbt-project/downloads/list OWASP Top 10 for 2007 CBT]&nbsp;- Download owaspTop10_cbt.zip. Extract the zip and launch&nbsp;owaspTop10_cbt.html  
 
**[http://code.google.com/p/owasp-cbt-project/downloads/list OWASP Top 10 for 2007 CBT]&nbsp;- Download owaspTop10_cbt.zip. Extract the zip and launch&nbsp;owaspTop10_cbt.html  
 
**[http://code.google.com/p/owasp-cbt-project/downloads/list W3AF - Security Scanning CBT]&nbsp;- Download w3af_cbt.zip. Extract the zip and launch w3af_cbt.html
 
**[http://code.google.com/p/owasp-cbt-project/downloads/list W3AF - Security Scanning CBT]&nbsp;- Download w3af_cbt.zip. Extract the zip and launch w3af_cbt.html
**[http://code.google.com/p/owasp-cbt-project/downloads/list Compliance (PCI DSS and PA-DSS) CBT]&nbsp;- Download PCI_cbt.zip. Extract the zip and launch PCI_cbt.html
+
**[http://code.google.com/p/owasp-cbt-project/downloads/list Compliance (PCI DSS and PA-DSS Version 1.1) CBT]&nbsp;- Download PCI_cbt.zip. Extract the zip and launch PCI_cbt.html
 
+
 
+
* PCI Training Presentations
+
**[http://code.google.com/p/owasp-cbt-project/downloads/list Application Security Overview]&nbsp;- Security For Managers And Executives.ppt
+
**[http://code.google.com/p/owasp-cbt-project/downloads/list PCI DSS And PA-DSS Training]&nbsp;- PCI DSS And PA-DSS Training.ppt
+
**[http://code.google.com/p/owasp-cbt-project/downloads/list Security Scanning Training]&nbsp;- Security Scanning Training.ppt
+
 
+
  
  
Line 73: Line 85:
 
** Nishi Kumar
 
** Nishi Kumar
 
* Contributor:
 
* Contributor:
 +
** Keith Turpin
 
** Kaui Hinojosa
 
** Kaui Hinojosa
  
==== FAQ  ====
 
 
[[Image:OWASP-CBT-ProjecFAQ.gif]]
 
  
 
= Questions  =
 
= Questions  =
Line 89: Line 99:
 
* Which tool will be used to create the training material for the first release?
 
* Which tool will be used to create the training material for the first release?
 
  Camtasia Studio
 
  Camtasia Studio
 
==== News  ====
 
[[Image:OWASP-CBT-ProjecNews.gif]]
 
  
 
= First release of OWASP CBT project  =
 
= First release of OWASP CBT project  =
  
First release of OWASP CBT project is scheduled for March 31st 2011
+
First release of OWASP CBT project is scheduled for July 31st 2011
  
  
Line 102: Line 109:
 
{| class="FCK__ShowTableBorders" cellspacing="0" cellpadding="0" width="100%" border="0"
 
{| class="FCK__ShowTableBorders" cellspacing="0" cellpadding="0" width="100%" border="0"
 
|-
 
|-
| [[Image:OWASP-CBT-ProjectDetail.gif]]
+
|  
 
|}
 
|}
  

Latest revision as of 14:30, 16 July 2012

OWASP-CBT-Project long.gif
[edit]

OWASP CBT project plans to provide computer-based training for all major OWASP Projects, which is easy to use. This project plans to include careful consideration of content and target audience needs. The design of each online course will start with the definition of learner-focused performance objectives and then proceed to the selection and implementation of instructional strategies and learning activities appropriate for those objectives. Frequent practice questions or exercises, along with assessments, will measure learners’ achievement of those objectives. The self-paced environment and unlimited access to instruction and assessment will provide all learners with the opportunity to reach their desired level of mastery within each online course.

The goal of this project is to provide computer based training on OWASP security related initiatives. This project is intended to provide increased access of security training material, convenience and flexibility to learners. It will be self-paced and the learning sessions will be available 24x7. Learners will not be bound to a specific day/time to physically attend classes. They can also pause learning sessions at their convenience.

The goal of this project is to provide targeted training for application security. PCI training track is an example of this kind of initiative.

  • These are the list of topics for PCI training track:
    • Application Security Overview
    • PCI DSS And PA-DSS Version 2
    • Web Basic Concepts
    • OWASP Top 10 2010
    • CWE/SANS Top 25
    • CERT Secure Coding
    • Security Scanning
  • Some of the CBT's and presentation currently available are:
    • OWASP Top 10 for 2007 CBT
    • W3AF - Security Scanning CBT
    • Compliance (PCI DSS and PA-DSS Version 1.1) CBT
    • Infrastructure Hardening (PPT)
  • Some of the topic's that will be covered in future are:
    • SAMM
    • Testing for Security
    • Code Review for Security
    • AntiSamy
    • Live CD
    • WebGoat
    • WebScarab



Steps for creating the CBT:

  1. Create the power point template with content.
  2. Export the power point presentation as .jpg or .png.
  3. Write the script that will go with the power point.
  4. Record the voice over using Apple GarageBand.
  5. Export the sound as .mp3.
  6. Camtasia studio also lets us record any demostration.
  7. Include any demonsatrion you have recorded along with sound, power point screen shots etc and assemble it in Camtasia Studio.
  8. Add highlights and help text in Camtasia Studio.
  9. Then export the video. Exported folder will have a main .html files and few supporting files.
  10. Launch the html to run the video.
  11. You need to have Adobe Flash player to run the videos(CBT's).

  • Project Lead:
    • Nishi Kumar
  • Contributor:
    • Keith Turpin
    • Kaui Hinojosa


  • Who is the project lead for OWASP CBT project?
Nishi Kumar is the project lead for OWASP CBT project.
  • How will I contribute to this project?
Send an email to nishi787@hotmail.com. Your contribution to this project will be highly appreciated.
  • Which tool will be used to create the training material for the first release?
Camtasia Studio

First release of OWASP CBT project is scheduled for July 31st 2011


Project Details


PROJECT INFO
What does this OWASP project offer you?
what is this project?
OWASP Computer Based Training Project (OWASP CBT Project)

Purpose: The goal of this project is to provide computer based training on OWASP security related initiatives. This project is intended to provide increased access of security training material, convenience and flexibility to learners. It will be self-paced and the learning sessions will be available 24x7. Learners will not be bound to a specific day/time to physically attend classes. They can also pause learning sessions at their convenience.

License: Creative Commons Attribution ShareAlike 3.0

who is working on this project?
Project Leader: Nishi Kumar @

Project Maintainer: Nishi Kumar @

Project Contributor(s):

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links:

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Nishi Kumar @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.

This category currently contains no pages or media.