OWASP Global Industry Committee


OWASP Global Industry Committee. Colin Watson, Global Industry Committee Member, colin.watson(at)owasp.org. 25th June 2009. The World of OWASP: Projects, Membership, Education, Conferences, Industry, Chapters. Local Chapter. Participants and Contributors. Members. Employees.


Presentation Transcript


OWASP Global Industry Committee

Colin Watson

Global Industry Committee Member

colin.watson(at)owasp.org

25th June 2009


The World of OWASP

Projects

Membership

Education

Conferences

Industry

Chapters

Local Chapter

Participants and Contributors

Members

Employees

Chapter Leaders, Conference Organisers, Project Leaders and Reviewers

Board

Projects and Working Groups

Global Committees


Industry Committee

  • Rex Booth

  • David Campbell

  • Georg Hess

  • Eoin Keary

  • Colin Watson

  • Tom Brennan

  • Outreach

  • Position paper / response

  • Collaborate with other organisations


InfraGard

  • Collaboration between the US FBI and maintainers of critical national infrastructure

  • Presentation to Denver chapter of InfraGard

  • Completed December 2008


DPC BS 8878:2009

  • Draft British Standard

  • First official response

  • "The goal of any web project should be to create web experiences that are accessible, usable and enjoyable for everyone."

  • Safe and secure?

  • Response submitted 31 January 2009


Digital Britain Interim Report

  • A vision for Britain’s digital economy

  • "Empowered and informed consumers and citizens fully equipped to take advantage of the opportunities convergence brings."

  • "Internet: looking at a range of issues affecting internet users, such as user security and safety and a workable approach to promoting content standards."

  • Response submitted 11 March 2009


Draft NIST SP 800-122

  • Document to assist US Federal agencies in protecting the confidentiality of Personally Identifiable Information (PII)

  • Added information and corrections to online related examples

  • Response submitted 13 March 2009


Draft NIST SP 800-53 Revision 3

  • Key information security document for US federal sector

  • Controls to comply with the Federal Information Security Management Act (FISMA)

  • First major update since 2005

  • Response submitted 27 March 2009

  • Final public draft published June 2009


DPC BS 10012

  • Implementation of a Personal Information Management System (PIMS)

  • PI rather than information security (IS)

  • Response submitted 31 March 2009

  • BS 10012:2009 published May 2009


Frontier Airlines

  • North American airline based in Denver, Colorado

  • Presentation covering fundamentals of AppSec and an introduction to OWASP

  • Completed May 2009


Draft NIST SP 800-118

  • Draft Guide to Enterprise Password Management

  • Suggestions focussed on:

    • increasing information on application-related issues

    • providing additional detail and references

    • password complexity requirements must be related to risk and should be kept secret

  • Response submitted 29 May 2009


CFP Conference 2009

  • Computers, Freedom and Privacy Conference

  • Tutorial on “The Web is a Dangerous Place”

  • Completed June 2009


Insurance Institute of London (IIL)

  • Insurance Aspects of E-Commerce

  • Book launch

  • Potential for future collaboration

  • Completed June 2009


ENISA Who-Is-Who

  • European Network and Information Security Agency (ENISA)

  • EU AppSec EU09 in co-operation with ENISA

  • Who-is-Who Directory on Network and Information Security 2009 (v4.0)

  • No OWASP

    • European chapter leaders

    • 3 UK chapters

    • OWASP (international)


SAFECode Secure Software Development

  • Software Assurance Forum for Excellence in Code

  • Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today

  • In progress

  • Response due 31 July 2009


Contribute

  • Participate in OWASP projects

  • Suggest organisations to engage with and documents/standards/drafts to comment on

  • Provide input to the response creation and review process

  • Join the Global Industry Committee’s mailing list

http://www.owasp.org/index.php/Global_Industry_Committee


End

