Difference between revisions of "OWASP EU Summit 2008--PRESS"

From OWASP
Jump to: navigation, search
(Press Releases)
 
(28 intermediate revisions by 7 users not shown)
Line 1: Line 1:
 
[[:OWASP EU Summit 2008|'''Please click here to return to the OWASP EU Summit Portugal 2008 main page''']].
 
[[:OWASP EU Summit 2008|'''Please click here to return to the OWASP EU Summit Portugal 2008 main page''']].
 +
 +
== Press Releases ==
 +
 +
{| style="width:100%" border="0" align="center"
 +
! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PRESS RELEASE IDENTIFICATION'''
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Subject/Date'''
 +
| colspan="7" style="width:84%; background:#b3b3b3" align="left"|<font color="black">'''October 13th, 2008/OWASP European Summit'''
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Language Versions '''
 +
| style="width:12%; background:#cccccc" align="center"|'''English'''<br>Click [[OWASP EU Summit 2008 PR English|here]] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Portuguese/Portugal'''<br>Click [https://www.owasp.org/images/f/f2/PRESS_RELEASE_PT.pdf here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Portuguese/Brazil'''<br>Click [http://convisosec.com/PublicDocuments/OWASP/owaspeusummitpressreleasebr.pdf here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Spanish'''<br>Click [[OWASP EU Summit 2008 ES Spanish|here]] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''French'''<br>Click [[OWASP EU Summit 2008 PR French|here]] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Turkish'''<br>Click [[OWASP EU Summit 2008 TR Turkish|here]] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Italian'''<br>Click [[OWASP EU Summit 2008 PR Italian|here]] to see.
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Subject/Date'''
 +
| colspan="7" style="width:84%; background:#b3b3b3" align="left"|<font color="black">'''October 15th, 2008/OWASP teams up with browser developers to increase security on the web'''
 +
|-
 +
| style="width:14%; background:#7B8ABD" align="center"|'''Language Versions '''
 +
| style="width:12%; background:#cccccc" align="center"|'''English'''<br>Click [[OWASP EU Summit 2008 PR Browser|here]] to see.
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|'''Italian''' <br/> Click [[OWASP EU Summit 2008 PR Browser Italian|here]] to see
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Subject/Date'''
 +
| colspan="7" style="width:84%; background:#b3b3b3" align="left"|<font color="black">'''October 31th, 2008/Craques da segurança da Web reúnem-se em Portugal'''
 +
|-
 +
| style="width:14%; background:#7B8ABD" align="center"|'''Language Versions '''
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|'''Portuguese/Portugal'''<br>Click [https://www.owasp.org/images/4/47/PRESS_RELEASE_OWASP_02.pdf here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Subject/Date'''
 +
| colspan="7" style="width:84%; background:#b3b3b3" align="left"|<font color="black">'''November 4th, 2008/Especialistas reunidos no Algarve estudam soluções para segurança na internet'''
 +
|-
 +
| style="width:14%; background:#7B8ABD" align="center"|'''Language Versions '''
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|'''Portuguese/Portugal'''<br>Click [https://www.owasp.org/images/f/fd/PRESS_RELEASE_PT_4.doc here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
|-
 +
| style="width:16%; background:#7B8ABD" align="center"|'''Subject/Date'''
 +
| colspan="7" style="width:84%; background:#b3b3b3" align="left"|<font color="black">'''November 7th, 2008/OWASP Summit Results'''
 +
|-
 +
| style="width:14%; background:#7B8ABD" align="center"|'''Language Versions '''
 +
| style="width:12%; background:#cccccc" align="center"|'''English'''<br>Click [https://www.owasp.org/images/4/46/Board_signed_Document.pdf here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|'''Portuguese/Portugal'''<br>Click [https://www.owasp.org/images/3/35/PRESS_RELEASE_OWASP_03.pdf here] to see.
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
| style="width:12%; background:#cccccc" align="center"|
 +
|}
 +
 +
== Press registration ==
  
 
Press registration is open to any member of the broadcast, print and Internet media who can prove they work for an organization or publication that covers computer security on a regular basis. At the conference we will provide a press room with Internet access and electrical outlets for laptop computers. If you need a separate room for filming interviews, please request it in advance in the comments section. Let us know if there are any other special needs such as speakers you want to interview when you arrive or other items such as computer access to file stories or a fax machine.
 
Press registration is open to any member of the broadcast, print and Internet media who can prove they work for an organization or publication that covers computer security on a regular basis. At the conference we will provide a press room with Internet access and electrical outlets for laptop computers. If you need a separate room for filming interviews, please request it in advance in the comments section. Let us know if there are any other special needs such as speakers you want to interview when you arrive or other items such as computer access to file stories or a fax machine.
Line 31: Line 99:
 
  |-
 
  |-
 
  |}
 
  |}
 +
{| style="width:80%" border="0" align="center"
 +
! colspan="2" align="center" style="background:#4058A0; color:white" | OWASP Tools Projects
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top" | Briefing Text || style="background:#F2F2F2" |
 +
The working session for OWASP Tools will address standards for Tool development at OWASP.  This is will include standards for documentation, supporting tools via Books, How-Tos, Webcasts, Podcasts.  We will also dive deep into the OWASP Project Assessment.
  
 +
This session is for toolmakers who want to make better tools.
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top"  | Session Page || style="background:#C2C2C2" | [[OWASP_Working_Session_-_OWASP_Tools_Projects]]
 +
|-
 +
|}
 +
{| style="width:80%" border="0" align="center"
 +
! colspan="2" align="center" style="background:#4058A0; color:white" | OWASP .NET Project
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top" | Briefing Text || style="background:#F2F2F2" | OWASP secures .NET web applications and services.  This working session will promote the OWASP .NET initiative, and discuss the roadmap for OWASP .NET for 2009.  Additional objectives include discussing vulnerability research, application review and guidance for .NET and Mono (Open Source .NET) projects.
 +
Are we protecting .NET/Mono developers?  Is there adequate security guidance and vulnerability research for technology platforms, frameworks, community software, including:
 +
* ASP.NET Data Services
 +
* ASP.NET MVC
 +
* Sharepoint
 +
* Silverlight
 +
* Community Server
 +
* Wikipedia Search (Mono)
 +
* DekiWiki (Mono)
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top"  | Session Page || style="background:#C2C2C2" | [[OWASP Working Session - .NET Project]]
 +
|-
 +
|}
  
 
{| style="width:80%" border="0" align="center"
 
{| style="width:80%" border="0" align="center"
Line 56: Line 150:
 
  |-
 
  |-
 
  |}
 
  |}
 +
{| style="width:80%" border="0" align="center"
 +
! colspan="2" align="center" style="background:#4058A0; color:white" | OWASP Awards
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top" | Briefing Text || style="background:#F2F2F2" |
 +
Governments, businesses and people rely on the Internet - the Internet has almost become something we cannot live without. But the Internet suffers from one terrible flaw: it's insecure. It's insecure because we've
 +
rushed into creating a global network of computers without making sure we knew what we were
 +
doing.  The Open Web Application Security Project (OWASP) is a global open community dedicated to
 +
enabling organisations to develop, purchase, and maintain applications that can be trusted. All of the
 +
OWASP tools, documents, forums, and chapters are free and open to anyone interested in
 +
improving application security.
  
== PRESS RELEASES ==
+
There are people and groups working in this area who are doing battle for all of us every day, yet many are
 +
unknown outside their own specialist areas.  The proposed OWASP Awards could be used to thank and recognise outstanding contributions,
 +
identify those who are raising security awareness and highlight those supporting security initiatives such as
 +
promoting better practices.
 +
|-
 +
| style="width:15%; background:#7B8ABD" valign="top"  | Session Page || style="background:#C2C2C2" | [[OWASP_Working_Session_-_OWASP_Awards]]
 +
|-
 +
|}
  
=== OWASP European Summit/October 13th, 2008 ===
+
== Media Resources for Training Courses ==
  
'''OWASP European Summit - Portugal'''<br>
+
{| style="width:80%" border="0" align="center"
''Portugal/Algarve - 4th - 7th November 2008''
+
  ! colspan="2" align="center" style="background:#4058A0; color:white" | Flash Security Training
 
+
|-
Setting the Web Application Security Agenda for 2009: OWASP Invites You to Join Our Summit in Portugal
+
  | style="width:15%; background:#7B8ABD" valign="top" | Briefing Text || style="background:#F2F2F2" |
http://www.owasp.org/index.php/OWASP_EU_Summit_2008
+
 
+
With the theme 'Setting the AppSec agenda for 2009', the OWASP Summit will be a worldwide gathering of OWASP leaders and key industry players to present and discuss the latest OWASP tools, documentation projects, and web application security trends. Join us in Portugal in just a few short weeks! This venue hosts a diverse selection of training courses along with technical and business tracks, making it THE place to learn about web application security and the resources OWASP has available for use today.
+
 
+
OWASP is a not-for-profit organization with the purpose of supporting the Web Application Security community around the world, and has granted $250,000 USD for web application security research.  In addition to over 40 presentations from the OWASP Leaders and grant recipients, the OWASP Summit will host multiple Working Sessions designed to improve collaboration, achieve specific objectives and identify roadmaps for OWASP projects, chapters, and the OWASP community itself.
+
 
+
To facilitate this event, OWASP is investing $150,000 USD which will be used to cover air travel and accommodation expenses for OWASP leaders, active contributors, and select key industry leaders. With their confirmed presence (see list here: http://spreadsheets.google.com/pub?key=pAX6n7m2zaTVLrPtR07riBA), the OWASP Summit will provide a relaxed but professional environment to meet, discuss, influence and contribute to OWASP projects.
+
 
+
The OWASP Summit will also host a large and diverse selection of training courses, covering multiple OWASP specific and Web Application Security Topics.
+
  
The remarkable impact of OWASP is made possible only by the collaboration of many dedicated people and organizations worldwide. In that spirit of cooperation, OWASP invites all its members and interested individuals and companies to attend this thrilling event. Please join us and help to set the Web Application Security Agenda for 2009!
+
Flash security is hot. Just look at the hysteria around 'ClickJacking'.There are 2 Flash related security trainings at the summit covering Flash Security: [[OWASP_EU_Summit_2008_Training#Flash_Player_Security|Flash Player Security]] and [[OWASP_EU_Summit_2008_Training#Auditing_Flash_Applications|Auditing Flash Applications]]. These courses and the [[:Category:OWASP Flash Security Project|OWASP Flash Security project]] aim to share a knowledge base in order to raise awareness around the subject of Flash applications security.
  
Regarding the event sponsorship matters, there are still a few opportunities available (see here http://www.owasp.org/index.php/OWASP_EU_Summit_2008_Sponsors) – do not miss the opportunity to associate your brand with this gripping and worldwide event!
+
The courses provide an overview of the Flash Player security model and common architectures for Flash deployment.
 +
The course is targeted at people who need to understand the fundamentals of Flash Player security and how it will affect their website such as CSOs, web designers, Flash authors, web-site auditors and web architects.  
 +
The goal of the course is to provide the student with the enough information to architect and audit a secure Flash deployment.
  
Please see below for additional details about the OWASP Summit or visit the OWASP Summit website: http://www.owasp.org/index.php/OWASP_EU_Summit_2008.
+
|-
 
+
  | style="width:15%; background:#7B8ABD" valign="top"  | Training Page || style="background:#C2C2C2" | [[OWASP_EU_Summit_2008_Training]]
'''Projects'''
+
|-
 
+
|}
OWASP projects selected for Summit presentation include new documentation and innovative tools to help developers, architects, and security specialists ensure that applications are secure:
+
 
+
* Application Security Verification Standard,
+
* Code review guide, V1.1,
+
* Ruby on Rails Security Guide v2,
+
* Securing WebGoat using ModSecurity,
+
* Testing Guide v3,
+
* GTK+ GUI for w3af project,
+
* Access Control Rules Tester,
+
* AntiSamy .NET,
+
* Live CD & DVD Project,
+
* OpenPGP Extensions for HTTP,
+
* Orizon Project,
+
* Python Static Analysis,
+
* WebScarab-NG,
+
* And many, many others.
+
 
+
'''Working Sessions'''
+
 
+
Expecting the presence of the application security industry key players, the Working Sessions will cover a wide range of issues such as:
+
 
+
* OWASP Top 10 2009,
+
* Browser Security,
+
* Web Application Framework Security,
+
* Enterprise Security API Project,
+
* Best Practices for OWASP Chapter Leaders,
+
* OWASP Documentation Projects,
+
* OWASP Tools Projects,
+
* OWASP Education Project,
+
* OWASP Strategic Planning for 2009,
+
* OWASP Certification,
+
* OWASP Winter of Code 2009
+
* Two-way Internationalization of OWASP Content
+
* And many more.
+
 
+
'''Training'''
+
 
+
These 2-day, 1-day or 1/2-day training courses cover a wide range of OWASP specific and Web Application Security Topics:
+
 
+
* OWASP Top 10 - What Developers Should Know on Web Application Security
+
* Uncovering WebScarab's Secret Treasures
+
* Securing WebGoat with ModSecurity  
+
* Secure Programming with Java
+
* Advanced Web Application Security Testing
+
* Building Secure Web 2.0 Applications
+
* Building Secure Web Services
+
* Building Secure Web Applications with OWASP's Enterprise Security API (ESAPI)
+
* Classic ASP Security using OWASP tools
+
* Web Application Assessments
+
* Hacking Owasp Orizon Project v1.0
+
* Ajax Security
+
* Practical Penetration Testing: Think Like an Attacker to Stop Attacks
+
* Linux Software Exploitation
+
* Web server/services hardening using SELinux
+
 
+
 
+
Main Contact:
+
 
+
Kate Hartmann<br/>
+
OWASP Operations Director<br/>
+
9175 Guilford Road, Suite 300<br/>
+
Columbia, MD 21046, USA<br/>
+
Phone: +1-301-575-0189<br/>
+
Facsimile: +1-301-604-8033<br/>
+
Email: kate.hartmann@owasp.org<br/>
+
 
+
 
+
==== Portuguese Version ====
+
 
+
Please click [[:Image:PRESS RELEASE PT.pdf|here]] to see.
+
 
+
==== Brazilian Version ====
+
 
+
Please click [http://convisosec.com/PublicDocuments/OWASP/owaspeusummitpressreleasebr.pdf here] to see.
+
 
+
==== French Version ====
+
 
+
Please click [[OWASP EU Summit 2008 PR French|here]] to see.
+
 
+
==== Spanish Version ====
+
 
+
Please click [[OWASP EU Summit 2008 ES Spanish|here]] to see.
+

Latest revision as of 16:11, 29 November 2008

Please click here to return to the OWASP EU Summit Portugal 2008 main page.

Contents

Press Releases

PRESS RELEASE IDENTIFICATION
Subject/Date October 13th, 2008/OWASP European Summit
Language Versions English
Click here to see.
Portuguese/Portugal
Click here to see.
Portuguese/Brazil
Click here to see.
Spanish
Click here to see.
French
Click here to see.
Turkish
Click here to see.
Italian
Click here to see.
Subject/Date October 15th, 2008/OWASP teams up with browser developers to increase security on the web
Language Versions English
Click here to see.
Italian
Click here to see
Subject/Date October 31th, 2008/Craques da segurança da Web reúnem-se em Portugal
Language Versions Portuguese/Portugal
Click here to see.
Subject/Date November 4th, 2008/Especialistas reunidos no Algarve estudam soluções para segurança na internet
Language Versions Portuguese/Portugal
Click here to see.
Subject/Date November 7th, 2008/OWASP Summit Results
Language Versions English
Click here to see.
Portuguese/Portugal
Click here to see.

Press registration

Press registration is open to any member of the broadcast, print and Internet media who can prove they work for an organization or publication that covers computer security on a regular basis. At the conference we will provide a press room with Internet access and electrical outlets for laptop computers. If you need a separate room for filming interviews, please request it in advance in the comments section. Let us know if there are any other special needs such as speakers you want to interview when you arrive or other items such as computer access to file stories or a fax machine.


We welcome anyone to apply for press credentials but reserve the right to deny you a pass. As such, please be prepared to show us copies of your articles either at your publication's Web site or on the publication's masthead should we request it.


At the show, please be able to present a business card, and government issued picture id, article on your organization's masthead and contact information for your assignment editor should we need it to validate your credentials before issuing you a pass.


Press registration may be granted for the conference and working sessions seminars only. There are no press passes available for Training.


Please make a point to pre-register. Should you attempt to attain credentials on-site, we cannot guarantee you will qualify and must bring all information in the above paragraph.

To register please ask Kate Hartmann for a password and use: Register.gif

Media Resources for Working Sessions

The following text is being provided by the chairs from each of the OWASP EU Summit 2008#WORKING_SESSIONS_-_November_4th_.26_5th_.28Tue.2C_Wed.29. It explains why the working session is important, why it matters to the industry and what might be the beneficial outcomes. We hope to have public/industry information from all the working sessions here in due course for advanced publicity purposes.


OWASP Documentation Projects
Briefing Text The working session on OWASP Documentation Projects is a great chance to understand how the set of OWASP related documents can be used as a toolset to promote security on software development and management. The outcomes from PCI DSS v.1.2 and other standards that will come form the market, shows how important is to understand the importance of protection measures on coding and how these actions will come back in high quality products that can reach the market in a more adequate fashion.

The outcomes will promote OWASP documents in the market and to be part of it will make the difference for your company, your career and your personal contribution for the security community.

Session Page OWASP_Working_Session_-_OWASP_Documentation_Projects
OWASP Tools Projects
Briefing Text

The working session for OWASP Tools will address standards for Tool development at OWASP. This is will include standards for documentation, supporting tools via Books, How-Tos, Webcasts, Podcasts. We will also dive deep into the OWASP Project Assessment.

This session is for toolmakers who want to make better tools.

Session Page OWASP_Working_Session_-_OWASP_Tools_Projects
OWASP .NET Project
Briefing Text OWASP secures .NET web applications and services. This working session will promote the OWASP .NET initiative, and discuss the roadmap for OWASP .NET for 2009. Additional objectives include discussing vulnerability research, application review and guidance for .NET and Mono (Open Source .NET) projects.

Are we protecting .NET/Mono developers? Is there adequate security guidance and vulnerability research for technology platforms, frameworks, community software, including:

  • ASP.NET Data Services
  • ASP.NET MVC
  • Sharepoint
  • Silverlight
  • Community Server
  • Wikipedia Search (Mono)
  • DekiWiki (Mono)
Session Page OWASP Working Session - .NET Project
OWASP Education Project
Briefing Text

There is plenty of knowledge available inside the OWASP community, spread via the wiki, Conferences, chapter meetings and not to forget the books.

Another important way to distribute the available knowledge is though education!

The Summit Working Session on Education will cover important aspects such as:

  • How to improve knowledge transfer from OWASP projects towards the community,
  • How to create training material (lessons, classes, courses) from OWASP project material?
  • How to set up an OWASP education baseline,
  • How to setup an OWASP Boot Camp,
  • How to connect to organisation to promote OWASP education content: e.g. universities, other non-profit (or profit?) education organisations,
  • How to organize the OWASP / Conference trainings to make them the best in the world?
  • Can we integrate this into OWASP certification projects?
  • How to setup an OWASP Boot Camp?

This working session is the ideal opportunity to build further on the shoulders of giants and spread OWASP's solutions through the education project!

Session Page OWASP_Working_Session_Education_Project
OWASP Awards
Briefing Text

Governments, businesses and people rely on the Internet - the Internet has almost become something we cannot live without. But the Internet suffers from one terrible flaw: it's insecure. It's insecure because we've rushed into creating a global network of computers without making sure we knew what we were doing. The Open Web Application Security Project (OWASP) is a global open community dedicated to enabling organisations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

There are people and groups working in this area who are doing battle for all of us every day, yet many are unknown outside their own specialist areas. The proposed OWASP Awards could be used to thank and recognise outstanding contributions, identify those who are raising security awareness and highlight those supporting security initiatives such as promoting better practices.

Session Page OWASP_Working_Session_-_OWASP_Awards

Media Resources for Training Courses

Flash Security Training
Briefing Text

Flash security is hot. Just look at the hysteria around 'ClickJacking'.There are 2 Flash related security trainings at the summit covering Flash Security: Flash Player Security and Auditing Flash Applications. These courses and the OWASP Flash Security project aim to share a knowledge base in order to raise awareness around the subject of Flash applications security.

The courses provide an overview of the Flash Player security model and common architectures for Flash deployment. The course is targeted at people who need to understand the fundamentals of Flash Player security and how it will affect their website such as CSOs, web designers, Flash authors, web-site auditors and web architects. The goal of the course is to provide the student with the enough information to architect and audit a secure Flash deployment.

Training Page OWASP_EU_Summit_2008_Training