Difference between revisions of "OWASP DHS SWA Day 2010 OWASP WTE"

From OWASP
Jump to: navigation, search
(Created page with '== The presentation == rightA presentation about the OWASP Web Testing Environment, previously the OWASP Live CD. This presentation is given as…')
 
Line 10: Line 10:
  
 
A speaker Bio for Matt Tesauro will be posted shortly.
 
A speaker Bio for Matt Tesauro will be posted shortly.
 +
 +
== Notes ==
 +
;[[:Category:OWASP LiveCD Education Project|OWASP Live CD Education Project]]
 +
 +
The OWASP Live CD is an educational supplement project containing tutorials, challenges and videos detailing the use of tools contained within the OWASP LiveCD - LabRat. This project was sponsored by [[OWASP Spring Of Code 2007|OWASP Spring Of Code 2007]] and [http://www.securitydistro.com/ Security Distro] (Assessment Criteria v1.0)
 +
 +
It’s hard to be a tester if you have never been a developer.  The goal of the CD was originally to create a ready-made environment in which to perform testing.  The CD showcases great tools and contains not only OWASP tools.
 +
 +
The design goals include being easy to keep users up to date while being easy to update.There were gaps between the tools and the testing guides.  The goal is to keep them aligned.
 +
 +
The OWASP Web Testing Environment (WTE) is the new name of the DVD which includes 26 significant tools.  WTE also includes Firefox security add-ons, OWASP documents, a Top 10 risks list, VM software, and many other.  WTE is also used as an education tool.  The Webgoat tool is already being used for training classes.
 +
 +
WTE consists of more tools focused on developing instead of testing focused; there are more tools available via a repository for packages.  Each tool will now automatically install dependent tools.  WTE now runs on Ubuntu and each tool has its own Debian package.  You can mix and match packages for only what you need to use.  Some new features to be added in future versions are virtual installs, USB bootable install, customized versions of WTE via a la carte builds.
  
 
[[Category:OWASP_Conference_Presentations]]
 
[[Category:OWASP_Conference_Presentations]]

Revision as of 14:13, 5 October 2010

The presentation

Owasp logo normal.jpg
A presentation about the OWASP Web Testing Environment, previously the OWASP Live CD.

This presentation is given as part of OWASP Software Assurance Day at the | 13th Annual Software Assurance Forum.

Download the presentation

The speaker

A speaker Bio for Matt Tesauro will be posted shortly.

Notes

OWASP Live CD Education Project

The OWASP Live CD is an educational supplement project containing tutorials, challenges and videos detailing the use of tools contained within the OWASP LiveCD - LabRat. This project was sponsored by OWASP Spring Of Code 2007 and Security Distro (Assessment Criteria v1.0)

It’s hard to be a tester if you have never been a developer. The goal of the CD was originally to create a ready-made environment in which to perform testing. The CD showcases great tools and contains not only OWASP tools.

The design goals include being easy to keep users up to date while being easy to update.There were gaps between the tools and the testing guides. The goal is to keep them aligned.

The OWASP Web Testing Environment (WTE) is the new name of the DVD which includes 26 significant tools. WTE also includes Firefox security add-ons, OWASP documents, a Top 10 risks list, VM software, and many other. WTE is also used as an education tool. The Webgoat tool is already being used for training classes.

WTE consists of more tools focused on developing instead of testing focused; there are more tools available via a repository for packages. Each tool will now automatically install dependent tools. WTE now runs on Ubuntu and each tool has its own Debian package. You can mix and match packages for only what you need to use. Some new features to be added in future versions are virtual installs, USB bootable install, customized versions of WTE via a la carte builds.