OWASP Academy Portal Project
The OWASP Academy Portal is to be the single access point to the categorized OWASP educational Material.
On the OWASP Academy Portal, all OWASP internal and donated training material can be accessed.
Those training material is reviewed and approved by the OWASP Academy Portal Project members
in order to set and maintain an OWASP-worthy training quality.
The Global Education Committee is guiding and enabling the efforts of the Academy Portal.
As announced during the OWASP Germany Day:
Free OWASP challenges available via Hacking-Lab
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?
Road map & progress
timelines agreed between Ivan Buetler & Martin Knobloch
- OWASP is sending Academy Portal preinformation to Hackign-Lab (including logos) (Martin Knobloch)
- Hacking-Lab is creating it's own OWASP page on www.hacking-lab.com based on the information sent on 31.10.2011 (Ivan Bütler)
- Academy Portal is ready to use. The portal has all core features implemented. (Martin Knobloch)
- Hacking-Lab is announcing Academy Portal and OWASP Germany to its 4200 users (Ivan Bütler)
- Testrun with FREE OWASP TOP 10 training in the Netherland by Martin (classroom) (Martin Knobloch)
- Last change requests to Hacking-Lab (Martin Knobloch)
- Martin is giving a talk from 12:00 – 12:45 with the title "OWASP Global Education Committee" (Martin Knobloch)
- Official announcement of Academy Portal using the OWASP mailing list.(Martin Knobloch /Kate Hartmann)
- Official announcement of Academy Portal by Hacking-lab
We affirmed that the Creative Commons license will be used for all content on the acadamies portal.
Ricardo pointed out that we need a formal definition of the academy, primarily to enable the best used of time resources.
As things are now, given a free hour to contribute to the project, most of that hour is spent trying to find the best direction to proceed. To that end, we discussed needing an environment for asynch conversation, and using google docs for shared document creation.
- Requirements: https://www.owasp.org/index.php/OWASP_Academy_Portal_Project/Requirements
- Requirements Discussion: https://www.owasp.org/index.php/Talk:OWASP_Academy_Portal_Project/Requirements
We had four participants in the conference call. Would another time work better for those who did not attend?
The project is at staging.owaspa.org(/moodle)
- Status development
- not much happened yet
- there was a designer working on a template
- Staging URL: http://staging.owaspa.org/ Note: if you want a test account please contact me at firstname.lastname@example.org
- Staging URL for Moodle: http://staging.owaspa.org/moodle Note: if you want a test account please contact me at email@example.com
- Status training material
- Carlos Serrao modules
- upload material on the OWASP Academy wiki
Kick-Off notes January 2011
Each block should take up as time and present as much content as necessary and should list how long it typically
Each block should record the following metadata as applicable:
- Learning Outcomes:
- Requirements/Pre-req to understand:
- Incl. Hands-on labs
- Contains a link to a lab if applicable
- Should be self-contained
- Should handle a single subject
- Target audience:
- Ability level: 100|200|300|400
- Lab links:
- Outside links:
- Text books
Rough guide to presentation time:
- Corresponding OWASP effort
Some ideas for blocks:
- Overview and Introduction
- Justifying where
- Java Platform Security
- .NET Framework 3.5/4 security
- Integer Overflows
- Mobile Code
- Security Development Lifecycle
- Web Application Risks and Threats (OWASP Top 10)
- Threat Modelling
- Secure Coding Practices
- Testing and Verification
- Static Code Analysis
Proposed block contents for the O(w)ASP Academy Portal
This should be the portal design: OWASPA design
Hacking-Lab is supporting the OWASP mission and made their online training environment available for OWASP on free-to-use basis!
The Hacking-Lab is not just a common "hackme" environment. The solutions of the labs are evaluated by teachers.
It's not enough just to hack, explain what and how you have it done to score the max points!
Agreement with Hacking-Lab
Security Innovation is supporting the OWASP mission and made their online education management system, Team Mentor, available for OWASP on free-to-use basis!
OWASP Team Mentor