Difference between revisions of "SpoC 007 - OWASP Corporate Application Security Rating Guide"

From OWASP
(New page: '''[http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Selection Back to SpoC 007 Selection page]''' '''AoC Candidate''': Erwin Geirnaert '''Project coordinator''': Mandeep Khera...)
 
Line 8: Line 8:
 
'''Project Progress''': 0% Complete, [[OWASP Corporate Application Security Rating Guide - Progress Page|Progress Page]]
 
'''Project Progress''': 0% Complete, [[OWASP Corporate Application Security Rating Guide - Progress Page|Progress Page]]
  
==  Erwin Geirnaert - OWASP WebGoat Solutions Guide ==
+
==  Erwin Geirnaert - OWASP Corporate Application Security Rating Guide ==
  
  
 
=== Executive Summary ===
 
=== Executive Summary ===
  
WebGoat is used by a lot of people to learn about web application security and the different vulnerabilities. But it takes a lot of time to grasp how the tools like WebScarab work and how to use them effectively in WebGoat. I propose to create a walkthrough of the lessons in WebGoat so that people can learn from the solutions, without spoiling the fun.
 
  
=== Objectives and Deliverables ===
 
  
The WebGoat Solutions Guide is a document that can be bundled with WebGoat. Each lesson contains a detailed solution with screenshots and tools. I created a PDF with the solution for WebGoat 4.0 but this is too big to load (15 MB) and is not very practical.
+
=== Objectives and Deliverables ===
  
After a discussion with Bruce about this, we think that the solutions should be made like the existing Lessons Plan so it is easier to maintain and update when a lesson changes. This means that there will be documentation folder and an individual solution for each lesson. 
 
  
 
=== Why I should be sponsored for the project ===
 
=== Why I should be sponsored for the project ===
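Review bot: In the Executive Summary and Objectives and Deliverables sections, the WebGoat Solutions Guide paragraphs are removed with nothing put in their place, so the retitled Corporate Application Security Rating Guide proposal now has two empty sections. Add a summary and a list of deliverables for the new project title, or keep the headings out until that text exists.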

Revision as of 12:41, 3 October 2007

Back to SpoC 007 Selection page


AoC Candidate: Erwin Geirnaert

Project coordinator: Mandeep Khera

Project Progress: 0% Complete, Progress Page

Erwin Geirnaert - OWASP Corporate Application Security Rating Guide

Executive Summary

Objectives and Deliverables

Why I should be sponsored for the project

I have more than 10 years' experience in Java and J2EE, and over the last 6 years I have tested and broken a lot of web applications. I have also given some very successful J2EE security courses and web security courses. I have spoken at different conferences about application security in Europe. And I am responsible for the security track at Javapolis, one of the biggest Java conferences in Europe. I am the co-founder of ZION SECURITY, where we do security testing, code review, design reviews, training, ... I'm also a member of the OWASP Belgium board that started in March 2007.

