Difference between revisions of "Category:OWASP Presentations"

From OWASP
Jump to: navigation, search
m (Reverted edits by Frank Alexander (talk) to last revision by Nishi)
Line 1: Line 1:
== Modelo de Auditoría de sistemas:  ==
+
== Welcome to the OWASP Presentations Program ==
  
Éste es un modelo universal para securizar en un alto grado de seguridad al sistema operativo.  
+
In an effort to promote more in-depth work in application security, the OWASP Presentations program is now accepting presentation submissions. Presentations submitted to the OWASP Presentations program will be reviewed by a team of senior application security experts. These reviewers will provide constructive feedback on submissions in the hopes of achieving a publishable quality paper. Papers that are approved by the review team will be published on the OWASP website and will be candidates for presentation at the next OWASP AppSec conference.
  
#Sistema de cifrado congelado: Mantiene en secreto la ubicación del archivo del sistema, previniendo ataques de tipo monitoreo de redes.
+
== Submitting a Presentation ==
#OpenVAS: Línea de comandos para cifrar- descifrar el protocolo TCP/Ip
+
#Filtro Web: Previene intrusiones a través de puertos inseguros
+
#Clam Antivirus: Previene, detecta y corrige virus informático
+
  
<br>
+
To submit a presentation, please use the following [[Media:Presentation_template.ppt | template for Microsoft Powerpoint]] presentations. All submissions should be sent to [mailto:owasp@owasp.org owasp@owasp.org]. By submitting a presentation, you agree to having OWASP publish the presentation on the OWASP website.
  
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
+
= OWASP Education Presentation Guidelines =
|-
+
Some guidelines:
| Clam Antivirus
+
* Use the OWASP Education Project [[:Image:Education_Project_Template.zip|Template powerpoint]]
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
+
* Provide a summary next to the slides
|-
+
* Add a descriptive summary and expectations on knowledge
| Filtro Web
+
* Only include necessary data
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
+
* Slide contents should be self evident
|-
+
* One slide should cover only one specific topic, avoid overly dense slides
| OpenVAS
+
* Max seven words per line, seven lines per slide
{| border="1" cellspacing="1" cellpadding="1" width="200" align="center"
+
* Present information graphically: an image can say more than thousand words
|-
+
* Don't use all capital letters
| Sistema de Cifrado Congelado
+
* limit your presentation to less than 50 slides - better less than 30 slides (a good presentation will be max. 90 minutes and typical time per slide is 2 minutes). If you need more, split the presentation in parts.
|}
+
* Support each slide with notes (the part below the slide in PowerPoint). These notes should provide the presenter with enough material (including references) to prepare the presentation without much extra research.
 +
...
  
|}
+
This way presentations can be reused by the [[Education]] Project.
  
|}
+
= Papers =
  
|}
+
<!--
 +
; [http://link Title] (Author)
 +
: Brief description
 +
-->
  
== Descripción softwares de auditoría  ==
+
; [http://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt Advanced SQL Injection] (Victor Chapela)
 +
: Detailed methodology for analyzing applications for SQL injection vulnerabilities.
  
*El sistema de cifrado http://truecrypt.org cifra el núcleo del sistema operativo y los discos lógicos impidiendo ataques espía.
+
; [http://link Title] (Author)
 +
: Brief description
  
*Los comandos shell http://openvas.org sirven para analizar protocolos de red, detección de virus y cifrado del protocolo IpV4-6
+
== Keynote Template ==
  
*El filtro web http://freenetproject.org es una técnica que reemplaza al Firewall, discriminando puertos inseguros, ahorrando tiempo de procesamiento en el núcleo del sistema.
+
If you want to create a presentation with Apple Keynote using the OWASP design, you can use the [[Media:OWASP_Keynote_Template.zip|Keynote '08 template]].
  
*Clamwin.com es un software de código abierto, no usa computación en la nube y tiene una GUI que detecta virus en línea http://sourceforge.net/projects/clamsentinel
+
<br>
 
+
== OWASP Presentation Template 2010 - Draft ==
== Macroinformática  ==
+
 
+
La macroinformática comprende eficiencia, seguridad y naturaleza. La eficacia de un sistema operativo se mide por la interacción hombre-máquina, sintetizando aplicaciones minimalistas y ejecutándolas nuestro sistema operativo procesará los datos eficientemente, ejemplos:
+
 
+
*Transmisión cifrada: Cliente e-mail con GnuPG
+
 
+
http://fellowship.fsfe.org
+
 
+
*Sistema de cifrado: Cifra y descifra texto plano, imágenes, etc..
+
 
+
#ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe
+
#http://cryptophane.googlecode.com/files/cryptophane-0.7.0.exe
+
 
+
*Ruby: Lenguaje de programación experimental
+
 
+
http://ruby-lang.org
+
 
+
*J2re1.3.1_20: Ejecutable de objetos interactivos o applets
+
 
+
http://java.sun.com/products/archive/j2se/1.3.1_20/index.html
+
 
+
*Escritorio: Gestor de ventanas X11
+
 
+
http://windowmaker.info
+
 
+
*Gnuzilla: Navegador seguro y de uso libre
+
 
+
http://code.google.com/p/iceweaselwindows/downloads/list
+
 
+
*Gnupdf: Visor de formato de texto universal pdf
+
 
+
http://blog.kowalczyk.info/software/sumatrapdf
+
 
+
*Gnuflash: Jugador alternativo a flash player
+
 
+
http://gnu.org/software/gnash
+
 
+
*Zinf: Reproductor de audio
+
 
+
http://zinf.org
+
 
+
*Informática forense: Análisis de datos ocultos en el disco duro
+
 
+
http://sleuthkit.org
+
 
+
*Compresor: Comprime datos sobreescribiendo bytes repetidos
+
 
+
http://peazip.sourceforge.net
+
 
+
*Ftp: Gestor de descarga de archivos
+
 
+
http://dfast.sourceforge.net
+
 
+
*AntiKeylogger: Neutraliza el seguimiento de escritorios remotos (Monitoring)
+
 
+
http://psmantikeyloger.sourceforge.net
+
 
+
*Password manager: Gestión de contraseñas
+
 
+
http://passwordsafe.sourceforge.net
+
 
+
*Limpiador de disco: Borra archivos innecesrios del sistema
+
 
+
http://bleachbit.sourceforge.net
+
 
+
*Desfragmentador: Reordena los archivos del disco duro, generando espacio virtual
+
 
+
http://kessels.com/jkdefrag
+
 
+
*X11: Gestor de ventanas, reemplazo de escritorio Xwindow's
+
 
+
http://bb4win.org
+
 
+
*Open Hardware: Hardware construído por la comunidad Linux
+
 
+
http://open-pc.com
+
 
+
*Open WRT: Firmware libre para configurar transmisión de Internet
+
 
+
http://openwrt.org
+
 
+
*Gnu- Linux: Sistema operativo universal
+
 
+
http://gnewsense.org
+
 
+
== Biocriptoseguridad ==: Es la unión de la biología, criptografía y hacking ético para formar una defensa stándar contra virus complejos.
+
 
+
Implementación de la biocriptoseguridad informática:
+
 
+
#Amplificar la banda ancha
+
#Optimizar (limpiar- modificar) el sistema operativo
+
#Desfragmentar los discos lógicos
+
#Ocultar el sistema operativo
+
#Configurar antivirus
+
#Limpiar y desfragmentar
+
#Congelar
+
 
+
*Sistema inmune._ Defensa biológica natural contra infecciones como virus http://immunet.com
+
 
+
*Criptografía._ Método de escritura oculta por caractes, números y letras:—{H}/gJa¢K¡Ng÷752%\*)A>¡#(W|a— http://diskcryptor.net
+
 
+
*Hacking ético._ Auditoría de sistemas informáticos que preserva la integridad de los datos.
+
 
+
Congelador: Mantiene el equilibrio en la integridad de los datos, el sistema operativo, red , memoria ram, ciclos de CPU, espacio en disco duro e incidencias de malware
+
 
+
*http://code.google.com/p/hzr312001/downloads/detail?name=Deep%20systemze%20Standard%20Version%206.51.020.2725.rar&amp;can=2&amp;q= (para Window's)
+
*http://sourceforge.net/projects/lethe (para GNU/Linux)
+
 
+
<br>Auditoría de virus cifrado._ Un criptovirus se oculta tras un algoritmo de criptografía, generalmente es híbrido simétrico-asimétrico con una extensión de 1700bit's, burla los escáneres antivirus con la aleatoriedad de cifrado, facilitando la expansión de las botnet's. La solución es crear un sistema operativo transparente, anonimizarlo y usar herramientas de cifrado stándar de uso libre:
+
 
+
*Gnupg: Sirve para cifrar mensajes de correo electrónico http://gpg4win.org/download.html
+
 
+
*Open Secure Shell: Ofuscador TcpIp, protege el túnel de comunicación digital cifrando la Ip. http://openvas.org
+
 
+
*Red protegida: DNS libre http://namespace.org/switch
+
 
+
*Criptosistema simétrico: Encapsula el disco duro, incluyendo el sistema operativo,usando algoritmo Twofish http://truecrypt.org/downloads.php
+
  
*Proxy cifrado: Autenticación de usuario anónimo http://torproject.org
+
[http://www.owasp.org/index.php/File:OWASP_Presentation_Template.pptx New OWASP Presentation Template Draft - 2010]
  
Energías renovables._ Son energías adquiridas por medios naturales: hidrógeno, aire, sol que disminuyen la toxicidad de las emisiones de Co2 en el medio ambiente, impulsando políticas ecologistas contribuímos a preservar el ecosistema. Ejm: Usando paneles solares fotovoltaicos.
+
----

Revision as of 18:06, 7 February 2011

Contents

Welcome to the OWASP Presentations Program

In an effort to promote more in-depth work in application security, the OWASP Presentations program is now accepting presentation submissions. Presentations submitted to the OWASP Presentations program will be reviewed by a team of senior application security experts. These reviewers will provide constructive feedback on submissions in the hopes of achieving a publishable quality paper. Papers that are approved by the review team will be published on the OWASP website and will be candidates for presentation at the next OWASP AppSec conference.

Submitting a Presentation

To submit a presentation, please use the following template for Microsoft Powerpoint presentations. All submissions should be sent to owasp@owasp.org. By submitting a presentation, you agree to having OWASP publish the presentation on the OWASP website.

OWASP Education Presentation Guidelines

Some guidelines:

  • Use the OWASP Education Project Template powerpoint
  • Provide a summary next to the slides
  • Add a descriptive summary and expectations on knowledge
  • Only include necessary data
  • Slide contents should be self evident
  • One slide should cover only one specific topic, avoid overly dense slides
  • Max seven words per line, seven lines per slide
  • Present information graphically: an image can say more than thousand words
  • Don't use all capital letters
  • limit your presentation to less than 50 slides - better less than 30 slides (a good presentation will be max. 90 minutes and typical time per slide is 2 minutes). If you need more, split the presentation in parts.
  • Support each slide with notes (the part below the slide in PowerPoint). These notes should provide the presenter with enough material (including references) to prepare the presentation without much extra research.

...

This way presentations can be reused by the Education Project.

Papers

Advanced SQL Injection (Victor Chapela)
Detailed methodology for analyzing applications for SQL injection vulnerabilities.
Title (Author)
Brief description

Keynote Template

If you want to create a presentation with Apple Keynote using the OWASP design, you can use the Keynote '08 template.


OWASP Presentation Template 2010 - Draft

New OWASP Presentation Template Draft - 2010


Pages in category "OWASP Presentations"

The following 3 pages are in this category, out of 3 total.

Media in category "OWASP Presentations"

The following 70 files are in this category, out of 70 total.