Difference between revisions of "OWASP Working Session - OWASP Certification"

From OWASP
Jump to: navigation, search
(New page: {| style="width:100%" border="0" align="center" ! colspan="7" align="center" style="background:#b3b3b3; color:white"|<font color="black">'''Working Sessions Operational Rules''' - [[:Work...)
 
 
(19 intermediate revisions by 13 users not shown)
Line 6: Line 6:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Work Session Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Work Session Name'''
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP .NET Project'''
+
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Certification'''
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''  
Line 13: Line 13:
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''  
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|
[[:Category:OWASP .NET Project|OWASP .NET Project]]
+
* [[:Category:OWASP Certification Requirements|OWASP Certification Requirements]]
 +
* [[:Category:OWASP Certification Project|OWASP Certification Project]]
 
  |-
 
  |-
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Email Contacts & Roles'''
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Email Contacts & Roles'''
  | style="width:25%; background:#cccccc" align="center"|'''Chair'''<br>[mailto:mark.roxberry(at)owasp.org '''Mark Roxberry''']  
+
  | style="width:25%; background:#cccccc" align="center"|'''Chair'''<br>[mailto:name(at)name '''TBD''']  
  | style="width:25%; background:#cccccc" align="center"|'''Secretary'''<br>[mailto:name(at)name '''TBD''']
+
  | style="width:25%; background:#cccccc" align="center"|'''Secretary'''<br>TBD
  | style="width:25%; background:#cccccc" align="center"|'''Mailing list'''<br>[https://lists.owasp.org/mailman/listinfo/owasp-dotnet '''Subscription Page''']
+
  | style="width:25%; background:#cccccc" align="center"|'''Mailing list'''<br>[https://lists.owasp.org/mailman/listinfo/OWASP-cert '''Subscription Page''']
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 25: Line 26:
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Objectives'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Objectives'''
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">
* Discuss audience and purpose of the OWASP .NET project,
+
* Discuss and review current proposal and survey results,
* Prepare OWASP .NET neutrality statement,
+
* Identify risks of offering a certification program.  
* Discuss .NET and Mono SDL Best Practices and OWASP tools and documentation,
+
* Discuss Vulnerability Research in the .NET and Mono Ecosystem.  
+
 
  |-
 
  |-
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
 
  | style="width:25%; background:#cccccc" align="center"|'''Venue'''<br>[[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]  
 
  | style="width:25%; background:#cccccc" align="center"|'''Venue'''<br>[[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]  
  | style="width:25%; background:#cccccc" align="center"|'''Date&Time'''<br>November 4 & 6, 2008 <br>Time TBD
+
  | style="width:25%; background:#cccccc" align="center"|'''Date&Time'''<br>November 5 & 7, 2008 <br>Time TBD
 
  | style="width:25%; background:#cccccc" align="center"|'''Discussion Model'''<br>"Everybody is a Participant"
 
  | style="width:25%; background:#cccccc" align="center"|'''Discussion Model'''<br>"Everybody is a Participant"
 
  |}
 
  |}
Line 51: Line 50:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="left"|
 
  | style="width:100%; background:#cccccc" align="left"|
* Objective 1: Establish purpose and audience of the OWASP .NET project. There are lots of resources and tools, why do we need OWASP .NET, who are our audiences, how do we reach them.
+
Please add here, any additional notes, links, ideas, guidelines, etc... The objective is to help the working sessions participants and attendees to prepare their participation/contribution.
* Objective 2: Statement to OWASP .NET's purpose. As we work closely with Microsoft folks, they've discussed providing content, which is great, but we need to clearly state OWASP .NET's neutrality. The Summit is a good place for this action. I will have a draft for discussion prior to the working session.
+
* Objective 3: OWASP sponsored vulnerability research / web application review / guidance on .NET/Mono projects, like Sharepoint, Silverlight, Community Server, Wikipedia Search (Mono), DekiWiki (Mono) etc.  
+
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 63: Line 60:
 
  |-
 
  |-
 
  | style="width:7%; background:#7B8ABD" align="center"|
 
  | style="width:7%; background:#7B8ABD" align="center"|
  | style="width:46%; background:#C2C2C2" align="center"|OWASP .NET Project Roadmap for 2009.  
+
  | style="width:46%; background:#C2C2C2" align="center"|Fill in here.  
 
  | style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.  
 
  | style="width:47%; background:#C2C2C2" align="center"|After the Board Meeting - fill in here.  
 
  |-
 
  |-
Line 81: Line 78:
 
  |-
 
  |-
 
  | style="width:7%; background:#7B8ABD" align="center"|1
 
  | style="width:7%; background:#7B8ABD" align="center"|1
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Dinis Cruz
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| OWASP
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"| Want to share a number of ideas and see how I can help to make this happen
 
  |-
 
  |-
 
  | style="width:7%; background:#7B8ABD" align="center"|2
 
  | style="width:7%; background:#7B8ABD" align="center"|2
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Matteo Meucci
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Minded Security
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"| Thinking at the OWASP Certifications from many time. Would like to understand which kind of certification is better for the OWASP Community.
 
  |-
 
  |-
 
  | style="width:7%; background:#7B8ABD" align="center"|3
 
  | style="width:7%; background:#7B8ABD" align="center"|3
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Rex Booth
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Grant Thornton
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"| Interest in the cert topic.
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|4
 
  | style="width:7%; background:#7B8ABD" align="center"|4
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Pavol Luptak
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Nethemba s.r.o.
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"| Interest in the cert topic.
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|5
 
  | style="width:7%; background:#7B8ABD" align="center"|5
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|David Campbell
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|OWASP
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"|Cert skeptic
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|6
 
  | style="width:7%; background:#7B8ABD" align="center"|6
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|Andrzej Targosz
  | style="width:15%; background:#cccccc" align="center"|  
+
  | style="width:15%; background:#cccccc" align="center"|PROIDEA
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"|Interest in the topic.
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|7
 
  | style="width:7%; background:#7B8ABD" align="center"|7
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|Giorgio Fedon
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|Minded Security
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"|Share Ideas and talking about the need for a Certification
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|8
 
  | style="width:7%; background:#7B8ABD" align="center"|8
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|Esteban Ribicic
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|HP
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"|Interested on the topic
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|9
 
  | style="width:7%; background:#7B8ABD" align="center"|9
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|Christian Martorella
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|S21sec
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"|Interested in the topic, and share ideas.
 
|-
 
|-
 
  | style="width:7%; background:#7B8ABD" align="center"|10
 
  | style="width:7%; background:#7B8ABD" align="center"|10
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| Tom Brennan
  | style="width:15%; background:#cccccc" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"| OWASP
  | style="width:63%; background:#cccccc" align="center"|
+
  | style="width:63%; background:#cccccc" align="center"| Inject pro and con about a OWASP Certification
 +
|-
 +
| style="width:7%; background:#7B8ABD" align="center"|11
 +
| style="width:15%; background:#cccccc" align="center"| Mano Paul
 +
| style="width:15%; background:#cccccc" align="center"| Express Certifications
 +
| style="width:63%; background:#cccccc" align="center"| Interested in the topic
 +
|
 +
|-
 +
| style="width:7%; background:#7B8ABD" align="center"|12
 +
| style="width:15%; background:#cccccc" align="center"| Fabio Cerullo
 +
| style="width:15%; background:#cccccc" align="center"| AIB Bank
 +
| style="width:63%; background:#cccccc" align="center"| Interested in the topic
 
  |}
 
  |}
 
If needed add here more lines.
 
If needed add here more lines.

Latest revision as of 07:43, 3 November 2008

Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Work Session Name OWASP Certification
Short Work Session Description TBD
Related Projects (if any)
Email Contacts & Roles Chair
TBD
Secretary
TBD
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  • Discuss and review current proposal and survey results,
  • Identify risks of offering a certification program.
Venue/Date&Time/Model Venue
OWASP EU Summit Portugal 2008
Date&Time
November 5 & 7, 2008
Time TBD
Discussion Model
"Everybody is a Participant"
WORKING SESSION OPERATIONAL RESOURCES
Please add here, ASAP, any needed relevant resources, e.g. data-show, boards, laptops, etc.
WORKING SESSION ADDITIONAL DETAILS

Please add here, any additional notes, links, ideas, guidelines, etc... The objective is to help the working sessions participants and attendees to prepare their participation/contribution.

WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions Proposed by Working Group Approved by OWASP Board
Fill in here. After the Board Meeting - fill in here.
Fill in here. After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
1 Dinis Cruz OWASP Want to share a number of ideas and see how I can help to make this happen
2 Matteo Meucci Minded Security Thinking at the OWASP Certifications from many time. Would like to understand which kind of certification is better for the OWASP Community.
3 Rex Booth Grant Thornton Interest in the cert topic.
4 Pavol Luptak Nethemba s.r.o. Interest in the cert topic.
5 David Campbell OWASP Cert skeptic
6 Andrzej Targosz PROIDEA Interest in the topic.
7 Giorgio Fedon Minded Security Share Ideas and talking about the need for a Certification
8 Esteban Ribicic HP Interested on the topic
9 Christian Martorella S21sec Interested in the topic, and share ideas.
10 Tom Brennan OWASP Inject pro and con about a OWASP Certification
11 Mano Paul Express Certifications Interested in the topic
12 Fabio Cerullo AIB Bank Interested in the topic

If needed add here more lines.