Difference between revisions of "Summit 2011 Working Sessions/Session067"

From OWASP
Jump to: navigation, search
 
(18 intermediate revisions by 14 users not shown)
Line 1: Line 1:
=[[Image:T._individual_projects.jpg]]=
 
 
{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
 
{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude>
 
|-
 
|-
  
| summit_session_attendee_name1 =  
+
| summit_session_attendee_name1 = Nishi Kumar
| summit_session_attendee_email1 =  
+
| summit_session_attendee_email1 = nishi.kumar@owasp.org
| summit_session_attendee_company1=
+
| summit_session_attendee_username1 =  
 +
| summit_session_attendee_company1= FIS
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1=
  
| summit_session_attendee_name2 =  
+
| summit_session_attendee_name2 = Steven van der Baan
| summit_session_attendee_email2 =  
+
| summit_session_attendee_email2 = steven.van.der.baan@owasp.org
 +
| summit_session_attendee_username2 =  
 
| summit_session_attendee_company2=
 
| summit_session_attendee_company2=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2=
  
| summit_session_attendee_name3 =  
+
| summit_session_attendee_name3 = Wojciech Dworakowski
| summit_session_attendee_email3 =  
+
| summit_session_attendee_email3 = wojciech.dworakowski@securing.pl
| summit_session_attendee_company3=
+
| summit_session_attendee_username3 = Wojciech Dworakowski
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3=
+
| summit_session_attendee_company3= SecuRing
 +
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3= ASVS extensions. Requirements mapping to CWE, Top10 and other OWASP projects. ASVS requirements and risk impact. Level1 - tools availability. 
  
| summit_session_attendee_name4 =  
+
| summit_session_attendee_name4 = Jim Manico
| summit_session_attendee_email4 =  
+
| summit_session_attendee_email4 = jim.manico@owasp.org
| summit_session_attendee_company4=
+
| summit_session_attendee_username4 =  
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4=
+
| summit_session_attendee_company4= Independent Consultant
 +
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4= Love for ASVS
  
| summit_session_attendee_name5 =  
+
| summit_session_attendee_name5 = Vishal Garg
| summit_session_attendee_email5 =  
+
| summit_session_attendee_email5 = vishalgrg@gmail.com
| summit_session_attendee_company5=
+
| summit_session_attendee_username5 =  
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5=
+
| summit_session_attendee_company5= AppSecure Labs
 +
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5= ASVS adoption within and outside OWASP. One example - OWASP Development Guide.
  
| summit_session_attendee_name6 =  
+
| summit_session_attendee_name6 = Abraham Kang
 
| summit_session_attendee_email6 =  
 
| summit_session_attendee_email6 =  
 +
| summit_session_attendee_username6 =
 
| summit_session_attendee_company6=
 
| summit_session_attendee_company6=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6=
  
| summit_session_attendee_name7 =  
+
| summit_session_attendee_name7 = Keith Turpin
| summit_session_attendee_email7 =  
+
| summit_session_attendee_email7 = keith.turpin@owasp.org
 +
| summit_session_attendee_username7 = Keith_Turpin
 
| summit_session_attendee_company7=
 
| summit_session_attendee_company7=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7=
  
| summit_session_attendee_name8 =  
+
| summit_session_attendee_name8 = Alexandre Miguel Aniceto
| summit_session_attendee_email8 =  
+
| summit_session_attendee_email8 = alexandre.aniceto@sekirite.org
| summit_session_attendee_company8=
+
| summit_session_attendee_username8 = Alexandre Miguel Aniceto
 +
| summit_session_attendee_company8= Willway
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8=
  
 
| summit_session_attendee_name9 =  
 
| summit_session_attendee_name9 =  
 
| summit_session_attendee_email9 =  
 
| summit_session_attendee_email9 =  
 +
| summit_session_attendee_username9 =
 
| summit_session_attendee_company9=
 
| summit_session_attendee_company9=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9=
Line 50: Line 58:
 
| summit_session_attendee_name10 =  
 
| summit_session_attendee_name10 =  
 
| summit_session_attendee_email10 =  
 
| summit_session_attendee_email10 =  
 +
| summit_session_attendee_username10 =
 
| summit_session_attendee_company10=
 
| summit_session_attendee_company10=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10=
Line 55: Line 64:
 
| summit_session_attendee_name11 =  
 
| summit_session_attendee_name11 =  
 
| summit_session_attendee_email11 =  
 
| summit_session_attendee_email11 =  
 +
| summit_session_attendee_username11 =
 
| summit_session_attendee_company11=
 
| summit_session_attendee_company11=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11=
Line 60: Line 70:
 
| summit_session_attendee_name12 =  
 
| summit_session_attendee_name12 =  
 
| summit_session_attendee_email12 =  
 
| summit_session_attendee_email12 =  
 +
| summit_session_attendee_username12 =
 
| summit_session_attendee_company12=
 
| summit_session_attendee_company12=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12=
Line 65: Line 76:
 
| summit_session_attendee_name13 =  
 
| summit_session_attendee_name13 =  
 
| summit_session_attendee_email13 =  
 
| summit_session_attendee_email13 =  
 +
| summit_session_attendee_username13 =
 
| summit_session_attendee_company13=
 
| summit_session_attendee_company13=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13=
Line 70: Line 82:
 
| summit_session_attendee_name14 =  
 
| summit_session_attendee_name14 =  
 
| summit_session_attendee_email14 =  
 
| summit_session_attendee_email14 =  
 +
| summit_session_attendee_username14 =
 
| summit_session_attendee_company14=
 
| summit_session_attendee_company14=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=  
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14=  
Line 75: Line 88:
 
| summit_session_attendee_name15 =  
 
| summit_session_attendee_name15 =  
 
| summit_session_attendee_email15 =  
 
| summit_session_attendee_email15 =  
 +
| summit_session_attendee_username15 =
 
| summit_session_attendee_company15=
 
| summit_session_attendee_company15=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15=
Line 80: Line 94:
 
| summit_session_attendee_name16 =  
 
| summit_session_attendee_name16 =  
 
| summit_session_attendee_email16 =  
 
| summit_session_attendee_email16 =  
 +
| summit_session_attendee_username16 =
 
| summit_session_attendee_company16=
 
| summit_session_attendee_company16=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16=
Line 85: Line 100:
 
| summit_session_attendee_name17 =  
 
| summit_session_attendee_name17 =  
 
| summit_session_attendee_email17 =  
 
| summit_session_attendee_email17 =  
 +
| summit_session_attendee_username17 =
 
| summit_session_attendee_company17=
 
| summit_session_attendee_company17=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17=
Line 90: Line 106:
 
| summit_session_attendee_name18 =  
 
| summit_session_attendee_name18 =  
 
| summit_session_attendee_email18 =  
 
| summit_session_attendee_email18 =  
 +
| summit_session_attendee_username18 =
 
| summit_session_attendee_company18=
 
| summit_session_attendee_company18=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18=
Line 95: Line 112:
 
| summit_session_attendee_name19 =  
 
| summit_session_attendee_name19 =  
 
| summit_session_attendee_email19 =  
 
| summit_session_attendee_email19 =  
 +
| summit_session_attendee_username19 =
 
| summit_session_attendee_company19=
 
| summit_session_attendee_company19=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19=
Line 100: Line 118:
 
| summit_session_attendee_name20 =  
 
| summit_session_attendee_name20 =  
 
| summit_session_attendee_email20 =  
 
| summit_session_attendee_email20 =  
 +
| summit_session_attendee_username20 =
 
| summit_session_attendee_company20=
 
| summit_session_attendee_company20=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
 
| summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20=
  
 
|-
 
|-
 
+
| summit_track_logo = [[Image:T._individual_projects.jpg]]
| summit_session_name = [[Image:WS._individual_projects.jpg]] ASVS Project
+
| summit_ws_logo = [[Image:WS._individual_projects.jpg]]
 +
| summit_session_name = ASVS Project
 
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session067
 
| summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session067
  
 
|-
 
|-
  
| short_working_session_description=
+
| short_working_session_description=Discussion on the Application Security Verification Standard (expierences, ideas for improvements)
  
 
|-
 
|-
Line 131: Line 151:
 
|-
 
|-
  
| summit_session_objective_name1=  
+
| summit_session_objective_name1 = Discuss expierences with using ASVS
  
| summit_session_objective_name2 =  
+
| summit_session_objective_name2 = Discuss specific requirements and ideas for improvement
  
| summit_session_objective_name3 =  
+
| summit_session_objective_name3 = Create a white paper with ideas for revisions to the ASVS
  
 
| summit_session_objective_name4 =  
 
| summit_session_objective_name4 =  
Line 159: Line 179:
 
|-
 
|-
  
|summit_session_deliverable_name1 =  
+
|summit_session_deliverable_name1 = A short white paper with ideas for revisions to the ASVS, ready for evaluation by the community at large.  Actual suggested revisions to the document are helpful, but not required if time does not allow.
|summit_session_deliverable_url_1 =
+
  
 
|summit_session_deliverable_name2 =  
 
|summit_session_deliverable_name2 =  
|summit_session_deliverable_url_2 =
 
  
 
|summit_session_deliverable_name3 =  
 
|summit_session_deliverable_name3 =  
|summit_session_deliverable_url_3 =
 
  
 
|summit_session_deliverable_name4 =  
 
|summit_session_deliverable_name4 =  
|summit_session_deliverable_url_4 =
 
  
 
|summit_session_deliverable_name5 =  
 
|summit_session_deliverable_name5 =  
|summit_session_deliverable_url_5 =  
+
 
 +
|summit_session_deliverable_name6 =
 +
 
 +
|summit_session_deliverable_name7 =
 +
 
 +
|summit_session_deliverable_name8 =  
  
 
|-
 
|-
Line 181: Line 202:
 
| summit_session_leader_name2 =  
 
| summit_session_leader_name2 =  
 
| summit_session_leader_email2 =  
 
| summit_session_leader_email2 =  
 +
| summit_session_leader_username2 =
  
 
| summit_session_leader_name3 =  
 
| summit_session_leader_name3 =  
 
| summit_session_leader_email3 =  
 
| summit_session_leader_email3 =  
 +
| summit_session_leader_username3 =
  
 
|-
 
|-
Line 189: Line 212:
 
| operational_leader_name1 =
 
| operational_leader_name1 =
 
| operational_leader_email1 =
 
| operational_leader_email1 =
 +
| operational_leader_username1 =
 
|-
 
|-
  

Latest revision as of 04:57, 9 February 2011

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. individual projects.jpg ASVS Project
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description Discussion on the Application Security Verification Standard (expierences, ideas for improvements)
Related Projects (if any)


Email Contacts & Roles Chair
Matthias Rohr @

Operational Manager
Mailing list
{{{mailing_list}}}
WORKING SESSION SPECIFICS
Objectives
  1. Discuss expierences with using ASVS
  2. Discuss specific requirements and ideas for improvement
  3. Create a white paper with ideas for revisions to the ASVS

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group Approved by OWASP Board

A short white paper with ideas for revisions to the ASVS, ready for evaluation by the community at large. Actual suggested revisions to the document are helpful, but not required if time does not allow.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
Nishi Kumar @
FIS

Steven van der Baan @


Wojciech Dworakowski @
SecuRing
ASVS extensions. Requirements mapping to CWE, Top10 and other OWASP projects. ASVS requirements and risk impact. Level1 - tools availability.
Jim Manico @
Independent Consultant
Love for ASVS
Vishal Garg @
AppSecure Labs
ASVS adoption within and outside OWASP. One example - OWASP Development Guide.
Abraham Kang


Keith Turpin @


Alexandre Miguel Aniceto @
Willway