Revision as of 09:35, 18 May 2011 by Ludovic Petit (talk | contribs)

Jump to: navigation, search

OWASP France

Welcome to the France chapter homepage. The Chapter Leaders are Sebastien Gioria and Ludovic Petit
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG <paypal>France Chapter</paypal>

The French Chapter is also available on LinkedIn: Join us to exchange with your peers, it only takes a minute!


May 2011 - Paris Meeting

[Logo to be placed here]

We are honored to welcome Jim Manico during his European Tour in the Netherlands, Belgium and France

  • Overview
    • Apart from OWASP's Top 10, most OWASP Projects are not widely used and understood. In most cases this is not due to lack of quality and usefulness of those Document & Tool projects, but due to a lack of understanding of where they fit in an Enterprise's security ecosystem or in the Web Application Development Life-cycle.
    • This course aims to change that by providing a selection of mature and enterprise ready projects together with practical examples of how to use them.
    • The course will be very practical where demonstration and hands-on exercises will be provided for the tools covered.
    • If you are interested in participating in the hands on portion of the course, please bring a laptop.
  • Abstract Title: "The Ghost of XSS Past, Present and Future. A Defensive Tale"
    • This talk will discuss the past methods used for XSS defense that were only partially effective. Learning from these lessons, will will also discuss present day defensive methodologies that are effective, but place an undue burden on the developer. We will then finish with a discussion of future XSS defense mythologies that shift the burden of XSS defense from the developer to various frameworks. These include auto-escaping template technologies, browser-based defenses such as Content Security Policy, and Javascript sandboxes such as the Google CAJA project and JSReg.
  • Speaker
    • Jim Manico is a managing partner of Infrared Security with over 15 years of professional web development experience. Jim is also the Chair of the OWASP Connections Committee, one of the Project Managers of the OWASP ESAPI Project, a participant and manager of the OWASP Cheatsheet series, the Producer and host of the OWASP Podcast Series, the Manager of the OWASP Java HTML Sanitizer project and the manager of the OWASP Java Encoder project. When not OWASP'ing, Jim lives on of island of Kauai with his lovely wife Tracey.
  • Date
    • May 24, 2011
  • Venue
    • Paris

EUROPE - ENISA’s Who-is-Who Directory on Network and Information Security

We are pleased to announce that OWASP France is part of the ENISA’s Who-is-Who Directory.

The ENISA is the European Network and Information Security Agency. The ENISA Who-is-Who Directory on Network and Information Security 2011 contains information on NIS stakeholders, such as national and European authorities and NIS organisations, contact details, websites, and areas of responsibilities or activities. This Directory serves as the "yellow pages" of Network and Information Security (NIS) in Europe. As such, it is a useful tool for those working closely with NIS issues in Europe.

Top Ten 2010 Translation

The OWASP TOP Ten 2010 in French is available


Le 6 Mai 2009 à 17h30 à L'EPITECH :

A propos des Speakers :

Renaud Bidou : Directeur Technique de DenyAll. Il travaille depuis plus de 10 ans dans la sécurité et a publié de nombreux articles et white-papers touchant à des sujets aussi variés que les dénis de service, les portknockers, les botnets, la mise en place d’un SOC, l’analyse graphique d’attaques ou encore les techniques de contournements.

Claudio Merloni : Claudio Merloni est Software Security Consultant chez Fortify Software. Ses expériences dans le domaine de la sécurité embrassent la sécurité applicative, revue de code, architectures sécurisées, analyse des risques, conformité, test de sécurité à niveau réseau, système et applicatif, monitoring, contrôle d'accès. Il a participé a plusieurs conférences, entre lesquelles BlackHat et CONFidence.


Amphi 2

14-16 rue Voltaire

94276 Kremlin Bicêtre Cedex

Moyens d'accès Métro

  • ligne 7 : Porte d'Italie


  • ligne 47, 125, 131, 185 : Roger Salengro
  • ligne 186 : Pierre Brossolette


  • périphérique : sortie Porte d'Italie

Offres de Présentation/Contributions

  • Sébastien Gioria est disponible à partir de Mars 2008 pour vous présenter le projet OWASP ainsi que pour des sessions de sensibilisation/formation sur la sécurité des applications Web.

Informations locales


Documents Francais