Difference between revisions of "CommunityUpdates/2014-08-26"

From OWASP
Jump to: navigation, search
(Conferences)
(Those on Video)
 
(17 intermediate revisions by 4 users not shown)
Line 4: Line 4:
 
== Those on Video ==
 
== Those on Video ==
 
* Michael Coates - @_mwc
 
* Michael Coates - @_mwc
 
+
* Mark Major
  
 
== Watch the live or recorded meeting==
 
== Watch the live or recorded meeting==
 
9am Pacific / 5pm London
 
9am Pacific / 5pm London
* [TBD Google+ link]
+
* [https://plus.google.com/b/114897759028714798478/events/cc0k2keie6rfthet8m79ef2f87s Google+ link]
* [TBD YouTube Link]
+
* [http://www.youtube.com/watch?v=mMEP8uN9E_Y YouTube Link]
 
* [https://www.owasp.org/index.php/CommunityUpdates/2014-07-08 Last meeting's agenda]
 
* [https://www.owasp.org/index.php/CommunityUpdates/2014-07-08 Last meeting's agenda]
 
* [https://www.owasp.org/index.php/CommunityUpdates Community Update Overall Page]
 
* [https://www.owasp.org/index.php/CommunityUpdates Community Update Overall Page]
Line 19: Line 19:
 
= Upcoming Events =
 
= Upcoming Events =
 
* [https://www.owasp.org/index.php/2014_Board_Elections 2014 OWASP Elections!] - [https://www.owasp.org/index.php/2014_Board_Elections#2014_Board_Candidates Candidates Announced]
 
* [https://www.owasp.org/index.php/2014_Board_Elections 2014 OWASP Elections!] - [https://www.owasp.org/index.php/2014_Board_Elections#2014_Board_Candidates Candidates Announced]
 
+
* OWASP AppSecUSA - [http://2014.appsecusa.org/2014/registration/ Register Now]
 +
[http://appsecusa.org [[File:AppSecUSA.LightBg.900x151.png|alt=AppSec USA 2014| link=http://2014.appsecusa.org]] ]
 +
* OWASP Asia Tour
 +
** Stops planned in Japan, Thailand, Malaysia, Singapore and China.
 +
** Contact Tobias via email tobias.gondrom@owasp.org
 +
** if you are a chapter in Asia and like to join (and haven't done so yet, please contact Tobias)
 +
** If you are an OWASP member in Asia and have a great technical presentation contact Tobias
  
 
= Chapters =
 
= Chapters =
Line 25: Line 31:
 
<!-- Date - Chapter name - [http://# more info] -->
 
<!-- Date - Chapter name - [http://# more info] -->
 
* September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -[https://www.owasp.org/index.php/AppSec_Israel_2014 more info]  
 
* September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -[https://www.owasp.org/index.php/AppSec_Israel_2014 more info]  
* August 1, 2014 - OWASP USA:Louisville -  [https://www.owasp.org/index.php/Louisville more info]
 
  
 
''[https://www.owasp.org/index.php/OWASP_Chapter Full list of worldwide chapters]'', ''[http://www.google.com/calendar/embed?src=hl6cjgs6ep1h7oniqgueu2bhbo%40group.calendar.google.com&ctz=America/Los_Angeles OWASP Events Calendar]''
 
''[https://www.owasp.org/index.php/OWASP_Chapter Full list of worldwide chapters]'', ''[http://www.google.com/calendar/embed?src=hl6cjgs6ep1h7oniqgueu2bhbo%40group.calendar.google.com&ctz=America/Los_Angeles OWASP Events Calendar]''
Line 36: Line 41:
 
* Need funding for an OWASP activity? Check out [https://www.owasp.org/index.php/Funding the funding page]
 
* Need funding for an OWASP activity? Check out [https://www.owasp.org/index.php/Funding the funding page]
  
== Chapter Metrics Q2)==
+
== Chapter Metrics Q2==
 
{| style="width: 60%; height: 200px" border="1"
 
{| style="width: 60%; height: 200px" border="1"
 
|-
 
|-
Line 59: Line 64:
 
*Restarted Chapters: 3
 
*Restarted Chapters: 3
  
==CHAPTERS BY REGION==
+
==Chapters By Region==
  
 
Total Chapters (inactive chapters)
 
Total Chapters (inactive chapters)
Line 82: Line 87:
  
 
= Projects =
 
= Projects =
*
+
* [[OWASP_JSEC_CVE_Details | OWASP JSEC CVE Details ]]
 +
** OWASP JSEC CVE Details is is an opensource application developed in Java that uses the api provided by cvedetails.com to receive latest CVE updates
 +
* [[OWASP_CISO_Survey | OWASP CISO]] Survey has launched.
 +
** Add we need everyone's help to collect the survey data. The Survey is available in English, Chinese, Hebrew and Japanese. https://www.surveymonkey.com/s/CISOSurvey2014
 +
** An email with the invitation to the Survey will go out later today to the leaders and community lists (after my plane has landed). Please forward the invitation to your security managers in your companies. And if you like to join later the analysis and report writing, please join the project team
 +
(https://www.owasp.org/index.php/OWASP_CISO_Survey_Project)
  
 
= Talks & Outreach =
 
= Talks & Outreach =
Recent Security Talks
+
==Recent Security Talks==
 +
* [[Bay_Area | OWASP Bay Area]]
 +
** Paul McMillan from Nebula @PaulM - Attacking the Internet of Things using Time
 +
** Ben Hagen from Netflix @BenHagen - Cloud Security at Scale and What it Means for Your Application
 +
* [http://www.meetup.com/OWASP-NYC/events/189278132/ OWASP NYC]
 +
** Rene Aguero - Defending The New Perimeter: Techniques for Managing User Risk
 +
** David Maman- WAF is Not Enough
 +
* [https://www.owasp.org/index.php/Switzerland#tab=Next_Meetings OWASP Switzerland]
 +
** Stefan Horlacher - (Client-Side) Flash Security by
 +
==BlackHat Arsenal 2014==
 +
On August 6th and 7th, ZAP, PCI TOOLKIT and Dependency check were presented during the BlackHat USA Arsenal Tools in Las Vegas
 +
The sessions were a success, and OWASP had a big opportunity to present these tools.
 +
Other OWASP members were there to present their tools such as
 +
Abbas Naderi with Taintless
 +
Ryan Barnett with Modsecurity and
 +
Josh Sokol with Simple Risk
 +
 
 +
Visit https://www.blackhat.com/us-14/arsenal.html to learn more about the presentations
  
 +
== OWASP in the News ==
 +
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top 10] was mentioned in the VentureBeat article [http://venturebeat.com/2014/08/23/the-internet-of-things-will-be-vulnerable-for-years-and-no-one-is-incentivized-to-fix-it/ The Internet of Things will be vulnerable for years, and no one is incentivized to fix it]
 +
* OWASP Internet of Things - @ThingsExpo | Internet of Things OWASP Top Ten (#IoT) http://www.sys-con.com/node/3131715
 +
* Organization of American States (OAS) and OWASP - http://www.oas.org/en/media_center/press_release.asp?sCodigo=E-328/14
  
 
= Activities Looking for Volunteers =
 
= Activities Looking for Volunteers =

Latest revision as of 10:08, 26 August 2014

Join the Meeting - Connection Information

  • Tuesday August 26, 2014

Those on Video

  • Michael Coates - @_mwc
  • Mark Major

Watch the live or recorded meeting

9am Pacific / 5pm London

OWASP'er Mentions

Upcoming Events

AppSec USA 2014

  • OWASP Asia Tour
    • Stops planned in Japan, Thailand, Malaysia, Singapore and China.
    • Contact Tobias via email tobias.gondrom@owasp.org
    • if you are a chapter in Asia and like to join (and haven't done so yet, please contact Tobias)
    • If you are an OWASP member in Asia and have a great technical presentation contact Tobias

Chapters

Chapter Events

  • September 2nd, 2014, - OWASP Israel - Interdisciplinary Center in Herzliya (IDC) -more info

Full list of worldwide chapters, OWASP Events Calendar

Chapter Info

Chapter Metrics Q2

DATE April 2014 May 2014 June 2014
TOTAL 267 Chapters 268 Chapters 270 Chapters


  • Active Chapters: 235
  • Inactive Chapters: 35 (listed as not having a chapter leader)
  • New Chapters: 1
  • Restarted Chapters: 3

Chapters By Region

Total Chapters (inactive chapters)

  • Africa: 16 (3)
  • Asia Pacific: 17 (2)
  • Canada: 12 (6)
  • Europe: 56 (5)
  • Latin America: 38 (10)
  • Middle East: 38 (2)
  • United States: 86 (8)

Conferences

Full conference calendar

Projects

  • OWASP JSEC CVE Details
    • OWASP JSEC CVE Details is is an opensource application developed in Java that uses the api provided by cvedetails.com to receive latest CVE updates
  • OWASP CISO Survey has launched.
    • Add we need everyone's help to collect the survey data. The Survey is available in English, Chinese, Hebrew and Japanese. https://www.surveymonkey.com/s/CISOSurvey2014
    • An email with the invitation to the Survey will go out later today to the leaders and community lists (after my plane has landed). Please forward the invitation to your security managers in your companies. And if you like to join later the analysis and report writing, please join the project team

(https://www.owasp.org/index.php/OWASP_CISO_Survey_Project)

Talks & Outreach

Recent Security Talks

  • OWASP Bay Area
    • Paul McMillan from Nebula @PaulM - Attacking the Internet of Things using Time
    • Ben Hagen from Netflix @BenHagen - Cloud Security at Scale and What it Means for Your Application
  • OWASP NYC
    • Rene Aguero - Defending The New Perimeter: Techniques for Managing User Risk
    • David Maman- WAF is Not Enough
  • OWASP Switzerland
    • Stefan Horlacher - (Client-Side) Flash Security by

BlackHat Arsenal 2014

On August 6th and 7th, ZAP, PCI TOOLKIT and Dependency check were presented during the BlackHat USA Arsenal Tools in Las Vegas The sessions were a success, and OWASP had a big opportunity to present these tools. Other OWASP members were there to present their tools such as Abbas Naderi with Taintless Ryan Barnett with Modsecurity and Josh Sokol with Simple Risk

Visit https://www.blackhat.com/us-14/arsenal.html to learn more about the presentations

OWASP in the News

Activities Looking for Volunteers

OWASP Wiki

Pages that Need Attention

Editing Tips & Tricks

Wiki Clean Up Crew

Wiki-Fu

Announcements from the Foundation