OWASP Projects
3 likes•674 views
Presentation slide of OWASP Night 13th(Local chapter meeting). About OWASP Projects.
OWASP Projects
- 1. OWASP Projects Takanori Nakanowatari
- 2. About Me • About Me • 某OA機器メーカー勤務 • OWASP Japanのお手伝い • 数年毎に1ヶ月程度、昼夜逆転
- 3. OWASP と言えば – Local Chapter –AppSec Conference –Cheat Sheet – プロジェクト その他、多数
- 4. OWASP プロジェクト プロジェクトを段階により区別 – フラグシップ – ラボ – インキュベータ – インアクティブ https://www.owasp.org/index.php/ OWASP_Project_Inventory#tab=Incubator_ Projects 4
- 5. フラグシップ • 現在、アップデート中。 これまでのフラグシップは以下のプロジェクト – Tools • OWASP Zed Attack Proxy • OWASP Web Testing Environment Project – Code • OWASP CSRFGuard Project 5
- 6. ラボ – Tools • OWASP OWTF • OWASP Broken Web Applications Project • OWASP EnDe Project • OWASP Hackademic Challenges Project • OWASP Mantra Security Framework • OWASP O2 Platform • OWASP OWTF • OWASP Web Testing Environment Project • OWASP WebGoat Project • OWASP Zed Attack Proxy • OWASP Vicnum Project 6
- 7. ラボ – Documentation – OWASP AppSec Tutorial Series – OWASP AppSensor Project – OWASP CTF Project – OWASP Legal Project – OWASP Podcast Project – Virtual Patching Best Practices – OWASP Application Security Verification Standard Project – OWASP Code Review Guide Project – OWASP Codes of Conduct – OWASP Development Guide Project – OWASP Secure Coding Practices - Quick Reference Guide – OWASP Software Assurance Maturity Model (SAMM) – OWASP Testing Guide Project – OWASP Top Ten Project 7
- 8. ラボ – Code –OWASP Enterprise Security API –OWASP ModSecurity Core Rule Set Project –OWASP CSRFGuard Project 8
- 9. ラボの評価 • ステイタス確認 https://www.owasp.org/index.php/LAB_Projects_Code_Analysis_Report 9
- 10. 新着プロジェクト紹介 • OWASP Code Pulse 2.0 https://www.owasp.org/index.php/OWASP_Code_Pulse_Project#tab=Main http://code-pulse.com • OWASP PHP Security Training Project • OWASP Hardened Phalcon Project • OWASP iOSForensic • OWASP Secure Development Training • OWASP JSEC CVE Details Project 10
- 11. プロジェクト事始め 1. Project Name, 2. Project purpose / overview, 3. Project Roadmap, 4. Project links (if any) to external sites, 5. Project Leader name, 6. Project Leader email address, 7. Project Leader wiki account - the username (you'll need this to edit the wiki), 8. Project Contributor(s) (if any) - name email and wiki account (if any), 9. Project Main Links (if any). https://www.owasp.org/index.php/Category:OWASP_Project#tab=Starting_a_New_Project 11
- 12. INACTIVE 例えば、 • OWASP Secure Password Project 復活の呪文あり。 12
- 13. Cheat Sheet • https://www.owasp.org/index.php/ OWASP_Cheat_Sheet_Series 13
- 14. Cheat Sheet • https://www.owasp.org/index.php/ HTML5_Security_Cheat_Sheet#WebSockets 14
- 15. Thank you! @ope Takanori.Nakanowatari _at_ owasp.org 15