OWASP Global Industry Committee. Colin Watson, Global Industry Committee Member, colin.watson(at)owasp.org. 25th June 2009.
Copyright © The OWASP Foundation
Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
OWASP
http://www.owasp.org
OWASP Global Industry Committee
Colin Watson
Global Industry Committee Member
colin.watson(at)owasp.org
25th June 2009

The World of OWASP
Participants and Contributors
Members
Chapter Leaders, Conference Organisers, Project Leaders and Reviewers
Board
Projects and Working Groups
Global Committees
Employees
Local Chapter
Projects
Membership
Education
Conferences
Industry
Chapters

Industry Committee
Outreach
Position paper / response
Collaborate with other organisations
Rex Booth, David Campbell, Georg Hess, Eoin Keary, Colin Watson, Tom Brennan

InfraGard
Collaboration between the US FBI and maintainers of critical national infrastructure
Presentation to Denver chapter of InfraGard
Completed December 2008

DPC BS 8878:2009
Draft British Standard
First official response
"The goal of any web project should be to create web experiences that are accessible, usable and enjoyable for everyone."
Safe and secure?
Response submitted 31 January 2009

Digital Britain Interim Report
A vision for Britain’s digital economy
"Empowered and informed consumers and citizens fully equipped to take advantage of the opportunities convergence brings."
"Internet: looking at a range of issues affecting internet users, such as user security and safety and a workable approach to promoting content standards."
Response submitted 11 March 2009

Draft NIST SP 800-122
Document to assist US Federal agencies in protecting the confidentiality of Personally Identifiable Information (PII)
Added information and corrections to online related examples
Response submitted 13 March 2009

Draft NIST SP 800-53 Revision 3
Key information security document for US federal sector
Controls to comply with the Federal Information Security Management Act (FISMA)
First major update since 2005
Response submitted 27 March 2009
Final public draft published June 2009

DPC BS 10012
Implementation of a Personal Information Management System (PIMS)
PI rather than information security (IS)
Response submitted 31 March 2009
BS 10012:2009 published May 2009

Frontier Airlines
North American airline based in Denver, Colorado
Presentation covering fundamentals of AppSec and an introduction to OWASP
Completed May 2009

Draft NIST SP 800-118
Draft Guide to Enterprise Password Management
Suggestions focussed on:
increasing information on application-related issues
providing additional detail and references
password complexity requirements must be related to risk and should be kept secret
Response submitted 29 May 2009

CFP Conference 2009
Computers, Freedom and Privacy Conference
Tutorial on “The Web is a Dangerous Place”
Completed June 2009

Insurance Institute of London (IIL)
Insurance Aspects of E-Commerce
Book launch
Potential for future collaboration
Completed June 2009

ENISA Who-Is-Who
European Network and Information Security Agency (ENISA)
EU AppSec EU09 in co-operation with ENISA
Who-is-Who Directory on Network and Information Security 2009 (v4.0)
No OWASP
European chapter leaders
3 UK chapters
OWASP (international)

SAFEcode Secure Software Development
Software Assurance Forum for Excellence in Code
Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today
In progress
Response due 31 July 2009

Contribute
Participate in OWASP projects
Suggest organisations to engage with and documents/standards/drafts to comment on
Provide input to the response creation and review process
Join the Global Industry Committee’s mailing list
http://www.owasp.org/index.php/Global_Industry_Committee
End