Difference between revisions of "Projects Summit 2013/Working Sessions/001"

From OWASP
Jump to: navigation, search
 
Line 111: Line 111:
 
| summit_session_attendee_username1 =  
 
| summit_session_attendee_username1 =  
 
| summit_session_attendee_company1=
 
| summit_session_attendee_company1=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=[https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=
  
 
| summit_session_attendee_name2 = Kevin Wall
 
| summit_session_attendee_name2 = Kevin Wall
Line 117: Line 117:
 
| summit_session_attendee_username2 =  
 
| summit_session_attendee_username2 =  
 
| summit_session_attendee_company2=
 
| summit_session_attendee_company2=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=[https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=
  
 
| summit_session_attendee_name3 = Jeff Williams
 
| summit_session_attendee_name3 = Jeff Williams
Line 123: Line 123:
 
| summit_session_attendee_username3 =  
 
| summit_session_attendee_username3 =  
 
| summit_session_attendee_company3=  
 
| summit_session_attendee_company3=  
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=[https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=
 
+
 
| summit_session_attendee_name4 =  
 
| summit_session_attendee_name4 =  
 
| summit_session_attendee_email4 =  
 
| summit_session_attendee_email4 =  
 
| summit_session_attendee_username4 =  
 
| summit_session_attendee_username4 =  
 
| summit_session_attendee_company4=
 
| summit_session_attendee_company4=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=[https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=
  
 
| summit_session_attendee_name5 =  
 
| summit_session_attendee_name5 =  
Line 135: Line 134:
 
| summit_session_attendee_username5 =  
 
| summit_session_attendee_username5 =  
 
| summit_session_attendee_company5=  
 
| summit_session_attendee_company5=  
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=[https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=
  
 
| summit_session_attendee_name6 =  
 
| summit_session_attendee_name6 =  
Line 141: Line 140:
 
| summit_session_attendee_username6 =  
 
| summit_session_attendee_username6 =  
 
| summit_session_attendee_company6=
 
| summit_session_attendee_company6=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=[https://www.owasp.org/index.php/Webgoat Webgoat]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=
  
 
| summit_session_attendee_name7 =  
 
| summit_session_attendee_name7 =  
Line 147: Line 146:
 
| summit_session_attendee_username7 =  
 
| summit_session_attendee_username7 =  
 
| summit_session_attendee_company7=
 
| summit_session_attendee_company7=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=[https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=
  
 
| summit_session_attendee_name8 =  
 
| summit_session_attendee_name8 =  
Line 153: Line 152:
 
| summit_session_attendee_username8 =  
 
| summit_session_attendee_username8 =  
 
| summit_session_attendee_company8=
 
| summit_session_attendee_company8=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=[https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=
  
 
| summit_session_attendee_name9 =  
 
| summit_session_attendee_name9 =  
Line 159: Line 158:
 
| summit_session_attendee_username9 =  
 
| summit_session_attendee_username9 =  
 
| summit_session_attendee_company9=
 
| summit_session_attendee_company9=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=[https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=
  
 
| summit_session_attendee_name10 =  
 
| summit_session_attendee_name10 =  
Line 165: Line 164:
 
| summit_session_attendee_username10 =  
 
| summit_session_attendee_username10 =  
 
| summit_session_attendee_company10=
 
| summit_session_attendee_company10=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=[https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=
  
 
| summit_session_attendee_name11 =  
 
| summit_session_attendee_name11 =  
Line 171: Line 170:
 
| summit_session_attendee_username11 =  
 
| summit_session_attendee_username11 =  
 
| summit_session_attendee_company11=
 
| summit_session_attendee_company11=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=[https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=
  
 
| summit_session_attendee_name12 =  
 
| summit_session_attendee_name12 =  
Line 177: Line 176:
 
| summit_session_attendee_username12 =  
 
| summit_session_attendee_username12 =  
 
| summit_session_attendee_company12=
 
| summit_session_attendee_company12=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=[https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=
  
 
| summit_session_attendee_name13 =  
 
| summit_session_attendee_name13 =  
Line 183: Line 182:
 
| summit_session_attendee_username13 =  
 
| summit_session_attendee_username13 =  
 
| summit_session_attendee_company13=
 
| summit_session_attendee_company13=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=[https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=
  
 
| summit_session_attendee_name14 =  
 
| summit_session_attendee_name14 =  
Line 189: Line 188:
 
| summit_session_attendee_username14 =  
 
| summit_session_attendee_username14 =  
 
| summit_session_attendee_company14=
 
| summit_session_attendee_company14=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=  
  
 
| summit_session_attendee_name15 =  
 
| summit_session_attendee_name15 =  
Line 195: Line 194:
 
| summit_session_attendee_username15 =  
 
| summit_session_attendee_username15 =  
 
| summit_session_attendee_company15=
 
| summit_session_attendee_company15=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=[https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=
  
 
| summit_session_attendee_name16 =  
 
| summit_session_attendee_name16 =  
Line 201: Line 200:
 
| summit_session_attendee_username16 =  
 
| summit_session_attendee_username16 =  
 
| summit_session_attendee_company16=
 
| summit_session_attendee_company16=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=[https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=
  
 
| summit_session_attendee_name17 =  
 
| summit_session_attendee_name17 =  
Line 207: Line 206:
 
| summit_session_attendee_username17 =  
 
| summit_session_attendee_username17 =  
 
| summit_session_attendee_company17=
 
| summit_session_attendee_company17=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=[https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=
  
 
| summit_session_attendee_name18 =  
 
| summit_session_attendee_name18 =  
Line 213: Line 212:
 
| summit_session_attendee_username18 =  
 
| summit_session_attendee_username18 =  
 
| summit_session_attendee_company18=
 
| summit_session_attendee_company18=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=[https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=
  
 
| summit_session_attendee_name19 =  
 
| summit_session_attendee_name19 =  
Line 219: Line 218:
 
| summit_session_attendee_username19 =  
 
| summit_session_attendee_username19 =  
 
| summit_session_attendee_company19=
 
| summit_session_attendee_company19=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=[https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=
  
 
| summit_session_attendee_name20 =  
 
| summit_session_attendee_name20 =  
Line 225: Line 224:
 
| summit_session_attendee_username20 =  
 
| summit_session_attendee_username20 =  
 
| summit_session_attendee_company20=
 
| summit_session_attendee_company20=
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=[https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor]
+
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
  
  

Latest revision as of 14:28, 14 November 2013

Global Summit 2013 Home Page
Global Summit 2013 Tracks

Working Session.jpg ESAPI Hackathon
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description Coordinate a Hackathon where ESAPI Project Goals are worked on and delivered based on the roadmap.
Related Projects (if any)


Email Contacts & Roles Chair
Chris Schmidt @

Operational Manager
Kevin Wall @
Mailing list
Google Groups: owasp-project-summit-2013
WORKING SESSION SPECIFICS
Objectives
  1. Planning to sponsor 2 "senior developers" to attend the hack-a-thon and take the lead role on the development effort, they will be involved in the architecture aspect of the project and goal-building and attendees will be able to choose a component from the architecture to work on.
  2. We will purchase a prize for the developer/team that accomplishes the most quality work scored based on complexity of the component(s) they will be working on. The judges for the prizes will be Jeff Williams, Kevin Wall and Chris Schmidt.
  3. There will be a set of guidelines for entries – primarily, backwards compatibility and/or clear upgrade path from ESAPI 2.x, testability, and distribution model of the component.

Venue/Date&Time/Model Venue/Room
AppSec USA 2013: Times Square, New York City
Date & Time
Monday to Thursday, November 18-21: 9am to 11am.


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS

NEW-PROJECTS-BANNER2.jpg

Chair: Chris Schmidt

Chris is currently the Project Leader for the OWASP ESAPI Projects and also serves on the OWASP Global Projects Committee. He has been involved with OWASP for 4 years and has spoken at many OWASP events about the benefits of the Enterprise Security API as well as participated in Leadership discussions amongst the organization. During the day, Chris is an Application Security Engineer and Senior Software Engineer for Aspect Security where he has been since fall 2010. Prior to joining the team at Aspect Security he spent 5 years as 'Black Ops Beef' for ServiceMagic Inc with the official title of Software Engineer. Before getting involved in software professionally, Chris worked in hardware as a Senior Field Service Engineer providing hardware and software support for PC’s, Servers, Midrange Systems and Peripherals for 9 years.

Operational Manager: Kevin Wall

Experienced Application Security developer, OWASP ESAPI Project co-owner.

WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group 'Delivered by Working Group

Identify the primary goals to deem the hack-a-thon a success.

After the Meeting - fill in here.

Layout the overall architecture vision for ESAPI 3.0.

After the Meeting - fill in here.

Lay down the infrastructure (Git, Continuous Integration, Testing Framework, etc.).

After the Meeting - fill in here.

Design the specification for the components that will be required.

After the Meeting - fill in here.

Close down all inactive ESAPI Projects.

After the Meeting - fill in here.

After the Meeting - fill in here.

After the Meeting - fill in here.

After the Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed

{{{summit_session_attendee_company21}}}
{{{summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed21}}}
Chris Schmidt @


Kevin Wall @


Jeff Williams @