OWASP Foundation OWASP does not endorse or recommend commercial - - PowerPoint PPT Presentation

owasp foundation
SMART_READER_LITE
LIVE PREVIEW

OWASP Foundation OWASP does not endorse or recommend commercial - - PowerPoint PPT Presentation

Sep 05, 2022 142 likes •387 views

OWASP Foundation OWASP does not endorse or recommend commercial products or services , allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. OWASP Foundation, NYC Chapter

slide-1
SLIDE 1

OWASP Foundation

OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide.

slide-2
SLIDE 2

OWASP Foundation, NYC Chapter Exploits & Innovation

OWASP was established in 2001. In 2004 it became a 501(c)(3) not-for-profit charitable

  • rganization focused on improving the security
  • f software.

The mission is to make software security visible so that individuals and organizations worldwide can make informed decisions about true software security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. 12/7 AGENDA 6:00pm Welcome Networking / Social 6:15pm Royal Hansen, Goldman Sachs 6:30pm iOS Spelunking, Mikhail Sosonkin 7:30pm “Goldfish Pond” w/ Joe Bernik

  • SimpleRISK, Josh Sokol
  • OpCode41, Ken Belva

8:30pm State of Bug Bounties, Leif Dreizler 9:30pm After Party

slide-3
SLIDE 3

THANK YOU!

OWASP Leaders, Members Meet-Up Attendees Venue Host - Goldman Sachs Tonight’s Meeting Sponsors Hewlett Packard, ProactiveRISK, Synack, Lifars, Illumio, LogRhythm NYCSeed, ff Venture Capital

Thank you to our our corporate supporters that enable us to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks

slide-4
SLIDE 4

LOCAL SUPPORT PROVIDED BYers

slide-5
SLIDE 5

Corporate Membership

slide-6
SLIDE 6
slide-7
SLIDE 7

2015 Chapter Summary Wrap Up

Active events

  • Project Sprints
  • Virtual Village
  • Cheat Sheets
  • Top 10 IR
  • ++Other projects

Active people

125

slide-8
SLIDE 8
slide-9
SLIDE 9
slide-10
SLIDE 10
slide-11
SLIDE 11

2016 Chapter Goals

Quarterly Chapter Meetings Career Development / Training Project Sprints Highlight & Promote Innovation Membership Growth <insert your area of focus>

slide-12
SLIDE 12
slide-13
SLIDE 13

Got Idea, Training, Talk, Project?

“01100011 01101111 01100100 01100101” Open-Source Tactical and Practical SUBMIT ONLINE

Speaker Committee Selection

slide-14
SLIDE 14

How Can You Help?

Local / Global Technical Committee

  • Improve X
  • Projects
  • Speakers

Local / Global Business Committee

  • Improve Y
  • Events
  • Logistics
slide-15
SLIDE 15

2016 Leadership

  • Determine mission and purpose. It is the board's

responsibility to create and review a statement of mission and purpose that articulates the organization's goals, means, and primary constituents served.

  • Select the chief executive. Boards must reach consensus
  • n the chief executive's responsibilities and undertake a

careful search to find the most qualified individual for the position.

  • Support and evaluate the chief executive. The board

should ensure that the chief executive has the moral and professional support he or she needs to further the goals of the organization.

  • Ensure effective planning. Boards must actively

participate in an overall planning process and assist in implementing and monitoring the plan's goals.

  • Monitor and strengthen programs and services. The

board's responsibility is to determine which programs are consistent with the organization's mission and monitor their effectiveness.

  • Ensure adequate financial resources. One of the board's

foremost responsibilities is to secure adequate resources for the organization to fulfill its mission.

  • Protect assets and provide proper financial oversight.

The board must assist in developing the annual budget and ensuring that proper financial controls are in place.

  • Build a competent board. All boards have a responsibility

to articulate prerequisites for candidates, orient new members, and periodically and comprehensively evaluate their own performance.

  • Ensure legal and ethical integrity. The board is ultimately

responsible for adherence to legal standards and ethical norms.

  • Enhance the organization's public standing. The board

should clearly articulate the organization's mission, accomplishments, and goals to the public and garner support from the community.

slide-16
SLIDE 16

Active Chapters Globally

slide-17
SLIDE 17

OWASP AppSecEMEA 2016 June 27 - 1 July Rome Italy

slide-18
SLIDE 18

HACKNYC 2016

July 18th - 21st

  • Call for Trainers!
  • Hackathon
  • Bug Bounty
slide-19
SLIDE 19

OWASP AppSecUSA 2016 October 11-14, Washington, DC

slide-20
SLIDE 20

New York Metro Joint Cyber Security Conference October 2016

InfraGard - New York Metro ISACA - New York Metro ISACA - New Jersey ISACA - Greater Hartford CT (ISC)2 - New Jersey ISSA - New York OWASP - NYC, LI, BKLN HTCIA - Northeast Region ACFE - New Jersey

HELP WANTED

slide-21
SLIDE 21

FREE TRAINING

Welcome to the OWASP Video Collection ONLINE: www.owasp.org 1.1 OWASP AppSecUSA 2015 Conference 1.2 OWASP NYC Cyber Security Channel 1.3 OWASP AppSecEU 2015 Conference 1.4 OWASP Global Webinars 1.5 OWASP AppSecUSA 2014 Conference 1.6 OWASP AppSec Europe 2014 Conference 1.7 OWASP AppSec California 2014 Conference 1.8 OWASP AppSecUSA 2013 Conference 1.9 OWASP AppSec EU Research 2013 Conference 1.10 OWASP AppSec Video Tutorial Series w/ Jerry Hoff 1.11 OWASP AppSecUSA 2012 Conference 1.12 OWASP AppSecUSA 2011 Conference 1.13 OWASP Summit 2011 1.14 OWASP Appsec DC 2010 Conference 1.15 OWASP USA 2010 Conference 1.16 OWASP EU 2010 Conference 1.17 OWASP FROC 2010 Conference 1.18 OWASP USA 2009 Conference 1.19 OWASP AppSecEMEA 2009 Conference 1.20 OWASP Israel 2008 1.21 OWASP AppSecUSA 2008 Conference 1.22 OWASP SnowFROC 1.23 OWASP Minneapolis/St. Paul (OWASP MSP) The Software Assurance Forum for Excellence in Code (SAFECode) is a non-profit organization exclusively dedicated to increasing trust in information and communications technology products and services through the advancement of effective software assurance methods. SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. Courses include:

  • Introduction to Cryptography Secure
  • Memory Handling in C
  • Threat Modeling
  • Secure Java Programming
  • Cross Site Scripting (XSS)
  • Product Penetration Testing
  • Auth 101: A Passwords Backgrounder for Everyone
  • DOH: Default, Obscure and Hidden Content for Everyone
  • An Introduction to Windows Access Controls
  • File Permissions Linux and OS X Injections
  • SQL and Beyond CSRF
  • Cross Site Request Forgery for Everyone

Details: https://training.safecode.org/courses

slide-22
SLIDE 22

Community

slide-23
SLIDE 23

Questions