Difference between revisions of "OWASP Academy Portal Project"

From OWASP
Jump to: navigation, search
 
(25 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==== Main ====
+
=Main=
Here the description has to come.
+
Link to the actual portal: http://owaspa.org/
+
  
==== Project About ====
+
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
{{:Projects/OWASP Academy Portal Project | Project About}}
+
  
==== Kick-Off notes January 2011 ====
+
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 +
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
==OWASP Academy Portal==
 +
 
 +
The [http://owaspa.org '''OWASP Academy Portal'''] is to be the single access point to the categorized OWASP educational Material.
 +
 
 +
On the OWASP Academy Portal, all OWASP internal and donated training material can be accessed. <br>
 +
Those training material is reviewed and approved by the OWASP Academy Portal Project members <br>
 +
in order to set and maintain an OWASP-worthy training quality. <br>
 +
The Global Education Committee is guiding and enabling the efforts of the Academy Portal.
 +
 
 +
==Introduction==
 +
 
 +
Write a short introduction
 +
 
 +
 
 +
 
 +
==Description==
 +
 
 +
Write a description that is just a few paragraphs long
 +
 
 +
 
 +
==Licensing==
 +
OWASP XXX is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What is XXX? ==
 +
 
 +
OWASP XXX  provides:
 +
 
 +
* xxx
 +
* xxx
 +
 
 +
 
 +
== Presentation ==
 +
 
 +
Link to presentation
 +
 
 +
 
 +
 
 +
 
 +
== Project Leader ==
 +
 
 +
Project leader's name
 +
 
 +
 
 +
== Related Projects ==
 +
 
 +
* [[OWASP_CISO_Survey]]
 +
 
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;" |
 +
 
 +
== Quick Download ==
 +
 
 +
* Link to page/download
 +
 
 +
 
 +
 
 +
== News and Events ==
 +
As announced during the OWASP Germany Day:<br>
 +
'''Free OWASP challenges available via [https://www.hacking-lab.com/events/registerform.html?eventid=245&uk=DMWRE8y9MLAboLXpRzpgCmwd64sEugqf Hacking-Lab]'''
 +
 
 +
 
 +
== In Print ==
 +
This project can be purchased as a print on demand book from Lulu.com
 +
 
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
 +
  |}
 +
 
 +
|}
 +
 
 +
=FAQs=
 +
 
 +
; Q1
 +
: A1
 +
 
 +
; Q2
 +
: A2
 +
 
 +
= Acknowledgements =
 +
==Volunteers==
 +
The OWASP Academy Portal Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
 +
 
 +
* Vasileos Vlachos
 +
* Martin Knobloch
 +
* Andreas Fuchsberger
 +
* Jason Taylor
 +
* Carlos Serrão
 +
* Filipe Lacerda
 +
* Ed Adams
 +
* Ricardo Melo
 +
* Diniz Cruz
 +
 
 +
==Sponsors==
 +
The Academy-Portal is sponsored by [Hacking-Lab https://www.hacking-lab] <br>
 +
and [Security Innovation http://www.securityinnovation.com]
 +
----
 +
[[Image:hacking-lab-logo.png|200px]] <br>
 +
'''Hacking-Lab''' is supporting the OWASP mission and made their online training environment available for  OWASP on free-to-use basis!<br>
 +
The Hacking-Lab is not just a common "hackme" environment. The solutions of the labs are evaluated by teachers. <br>
 +
It's not enough just to hack, explain what and how you have it done to score the max points! <br>
 +
[[Media:LOI_Hacking-Labs.pdf | Agreement with Hacking-Lab]]
 +
 
 +
----
 +
 
 +
[[Image:SI Logo Stacked Application Security.png|200px]] <br>
 +
'''Security Innovation''' is supporting the OWASP mission and made their online education management system, Team Mentor, available for  OWASP on free-to-use basis!<br>
 +
[http://owasp.securityinnovation.com OWASP Team Mentor]
 +
 
 +
[[Media:LOI_SecurityInnovation.pdf | Agreement with Security Innovation]]
 +
 
 +
= Road Map and Getting Involved =
 +
As of XXX, the priorities are:
 +
* xxx
 +
* xxx
 +
* xxx
 +
 
 +
Involvement in the development and promotion of XXX is actively encouraged!
 +
You do not have to be a security expert in order to contribute.
 +
Some of the ways you can help:
 +
* xxx
 +
* xxx
 +
 
 +
=Meeting Notes=
 +
== Notes 2011-10-27 ==
 +
timelines agreed between Ivan Buetler & Martin Knobloch
 +
*31.10.2011
 +
** OWASP is sending Academy Portal preinformation to Hackign-Lab (including logos) (Martin Knobloch)
 +
*04.11.2011
 +
**Hacking-Lab is creating it's own OWASP page on www.hacking-lab.com based on the information sent on 31.10.2011 (Ivan Bütler)
 +
*07.11.2011
 +
**Academy Portal is ready to use. The portal has all core features implemented. (Martin Knobloch)
 +
* 8.11.2011
 +
** Hacking-Lab is announcing Academy Portal and OWASP Germany to its 4200 users (Ivan Bütler)
 +
* 12.11.2011
 +
** Testrun with FREE OWASP TOP 10 training in the Netherland by Martin (classroom) (Martin Knobloch)
 +
* 13.11.2011
 +
** Last change requests to Hacking-Lab (Martin Knobloch)
 +
*17.11.2011
 +
**Martin is giving a talk from 12:00 – 12:45 with the title "OWASP Global Education Committee" (Martin Knobloch)
 +
*17.11.2011
 +
**Official announcement of Academy Portal using the OWASP mailing list.(Martin Knobloch /Kate Hartmann)
 +
*17.11.2011
 +
**Official announcement of Academy Portal by Hacking-lab
 +
 
 +
== Notes 2011-04-04 ==
 +
 +
We affirmed that the Creative Commons license will be used for all content on the acadamies portal.
 +
 
 +
Ricardo pointed out that we need a formal definition of the academy, primarily to enable the best used of time resources. <br> As things are now, given a free hour to contribute to the project, most of that hour is spent trying to find the best direction to proceed.  To that end, we discussed needing an environment for asynch conversation, and using google docs for shared document creation.
 +
* Requirements:  https://www.owasp.org/index.php/OWASP_Academy_Portal_Project/Requirements
 +
* Requirements Discussion: https://www.owasp.org/index.php/Talk:OWASP_Academy_Portal_Project/Requirements
 +
 
 +
We had four participants in the conference call.  Would another time work better for those who did not attend?
 +
 
 +
The project is at staging.owaspa.org(/moodle)
 +
 
 +
== Notes 2011-03-21 ==
 +
 +
*Status development
 +
**not much happened yet
 +
**there was a designer working on a template
 +
**Staging URL: [http://staging.owaspa.org/ http://staging.owaspa.org/] Note: if you want a test account please contact me at ricardo.melo@dri.pt
 +
**Staging URL for Moodle: [http://staging.owaspa.org/moodle http://staging.owaspa.org/moodle] Note: if you want a test account please contact me at ricardo.melo@dri.pt
 +
 
 +
*Status training material
 +
**Carlos Serrao [https://lists.owasp.org/pipermail/owasp-academies/2011-January/000054.html modules]
 +
 
 +
TODO's
 +
*material
 +
**upload material on the OWASP Academy wiki
 +
*development
 +
** moodle/drupal
 +
 
 +
 
 +
== Kick-Off notes January 2011 ==
 
Each block should take up as time and present as much content  as necessary and should list how long it typically  
 
Each block should take up as time and present as much content  as necessary and should list how long it typically  
  
Line 32: Line 221:
 
   
 
   
 
   
 
   
Some ideas for blocks:
+
'''Some ideas for blocks:'''
 
   
 
   
 
*Overview and Introduction  
 
*Overview and Introduction  
Line 48: Line 237:
 
*Testing and Verification
 
*Testing and Verification
 
*Static Code Analysis  
 
*Static Code Analysis  
+
 
+
+
 
Proposed block contents for the O(w)ASP Academy Portal
 
Proposed block contents for the O(w)ASP Academy Portal
  
 +
== Design ==
 +
This should be the portal design:
 +
[[:Image:owaspa.pdf|OWASPA design]]
  
__NOTOC__ <headertabs />
+
=Project About=
 +
{{:Projects/OWASP_Academy_Portal_Project}} 
  
 +
__NOTOC__ <headertabs />
  
[[Category:OWASP_Project|Academy Portal Project]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool|OWASP Alpha Quality Document]]
+
[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]

Latest revision as of 23:49, 24 January 2014

[edit]

OWASP Project Header.jpg

OWASP Academy Portal

The OWASP Academy Portal is to be the single access point to the categorized OWASP educational Material.

On the OWASP Academy Portal, all OWASP internal and donated training material can be accessed.
Those training material is reviewed and approved by the OWASP Academy Portal Project members
in order to set and maintain an OWASP-worthy training quality.
The Global Education Committee is guiding and enabling the efforts of the Academy Portal.

Introduction

Write a short introduction


Description

Write a description that is just a few paragraphs long


Licensing

OWASP XXX is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is XXX?

OWASP XXX provides:

  • xxx
  • xxx


Presentation

Link to presentation



Project Leader

Project leader's name


Related Projects


Quick Download

  • Link to page/download


News and Events

As announced during the OWASP Germany Day:
Free OWASP challenges available via Hacking-Lab


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

Q1
A1
Q2
A2

Volunteers

The OWASP Academy Portal Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • Vasileos Vlachos
  • Martin Knobloch
  • Andreas Fuchsberger
  • Jason Taylor
  • Carlos Serrão
  • Filipe Lacerda
  • Ed Adams
  • Ricardo Melo
  • Diniz Cruz

Sponsors

The Academy-Portal is sponsored by [Hacking-Lab https://www.hacking-lab]
and [Security Innovation http://www.securityinnovation.com]


Hacking-lab-logo.png
Hacking-Lab is supporting the OWASP mission and made their online training environment available for OWASP on free-to-use basis!
The Hacking-Lab is not just a common "hackme" environment. The solutions of the labs are evaluated by teachers.
It's not enough just to hack, explain what and how you have it done to score the max points!
Agreement with Hacking-Lab


SI Logo Stacked Application Security.png
Security Innovation is supporting the OWASP mission and made their online education management system, Team Mentor, available for OWASP on free-to-use basis!
OWASP Team Mentor

Agreement with Security Innovation

As of XXX, the priorities are:

  • xxx
  • xxx
  • xxx

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx

Notes 2011-10-27

timelines agreed between Ivan Buetler & Martin Knobloch

  • 31.10.2011
    • OWASP is sending Academy Portal preinformation to Hackign-Lab (including logos) (Martin Knobloch)
  • 04.11.2011
    • Hacking-Lab is creating it's own OWASP page on www.hacking-lab.com based on the information sent on 31.10.2011 (Ivan Bütler)
  • 07.11.2011
    • Academy Portal is ready to use. The portal has all core features implemented. (Martin Knobloch)
  • 8.11.2011
    • Hacking-Lab is announcing Academy Portal and OWASP Germany to its 4200 users (Ivan Bütler)
  • 12.11.2011
    • Testrun with FREE OWASP TOP 10 training in the Netherland by Martin (classroom) (Martin Knobloch)
  • 13.11.2011
    • Last change requests to Hacking-Lab (Martin Knobloch)
  • 17.11.2011
    • Martin is giving a talk from 12:00 – 12:45 with the title "OWASP Global Education Committee" (Martin Knobloch)
  • 17.11.2011
    • Official announcement of Academy Portal using the OWASP mailing list.(Martin Knobloch /Kate Hartmann)
  • 17.11.2011
    • Official announcement of Academy Portal by Hacking-lab

Notes 2011-04-04

We affirmed that the Creative Commons license will be used for all content on the acadamies portal.

Ricardo pointed out that we need a formal definition of the academy, primarily to enable the best used of time resources.
As things are now, given a free hour to contribute to the project, most of that hour is spent trying to find the best direction to proceed. To that end, we discussed needing an environment for asynch conversation, and using google docs for shared document creation.

We had four participants in the conference call. Would another time work better for those who did not attend?

The project is at staging.owaspa.org(/moodle)

Notes 2011-03-21

  • Status development
    • not much happened yet
    • there was a designer working on a template
    • Staging URL: http://staging.owaspa.org/ Note: if you want a test account please contact me at ricardo.melo@dri.pt
    • Staging URL for Moodle: http://staging.owaspa.org/moodle Note: if you want a test account please contact me at ricardo.melo@dri.pt
  • Status training material

TODO's

  • material
    • upload material on the OWASP Academy wiki
  • development
    • moodle/drupal


Kick-Off notes January 2011

Each block should take up as time and present as much content as necessary and should list how long it typically

Each block should record the following metadata as applicable:

  • Subject:
  • Categories:
  • Keywords:
  • Description:
  • Learning Outcomes:
  • Requirements/Pre-req to understand:
  • Theatrical/Practical
  • Incl. Hands-on labs
  • Contains a link to a lab if applicable
  • Should be self-contained
  • Should handle a single subject
  • Target audience:
  • Ability level: 100|200|300|400
  • Lab links:
  • Outside links:
  • Text books

Rough guide to presentation time:

  • Effort
  • Corresponding OWASP effort


Some ideas for blocks:

  • Overview and Introduction
  • Justifying where
  • Java Platform Security
  • .NET Framework 3.5/4 security
  • XSS
  • Integer Overflows
  • Mobile Code
  • Security Development Lifecycle
  • Web Application Risks and Threats (OWASP Top 10)
  • Countermeasures
  • Threat Modelling
  • Secure Coding Practices
  • Testing and Verification
  • Static Code Analysis

Proposed block contents for the O(w)ASP Academy Portal

Design

This should be the portal design: OWASPA design

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Academy Portal Project (home page)
Purpose: Creation of a Portal to offer academic material in usable blocks, lab's, video's and forum.
License: Choose wisely
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases