SlideShare a Scribd company logo

Owasptunisiawebday2011 120112072523-phpapp02

Download as PPTX, PDF
A
Abwebnet
News & Politics
1 of 18
OWASP Tunisia Chapter The OWASP Foundation http://www.owasp.org Les Standards OWASP Tunisia WebDays 2011 Semeh Arbi OWASP Tunisia Chapter Email : semeh.arbi@owasp.org Décembre 2011
OWASP ??!!!!! (OWASP) : Open Web Application Security Project * Organization internationale à but non-lucratif * Indépendante des fournisseurs et des gouvernements * Sponsorisé par les membres ou par des entreprises Mission Principale : * Produire des documents , standards et outils dédiés à la sécurité des applications Web
License Approch == “OPEN” * Toutes les documentations, standards et outils sont fournis sous une license open-source. GFDL GPL BSD License Creative Commons
Organisation OWASP OWASP Conferences OWASP Governance OWASP Wiki OWASP OWASP Tools Chapter OWASP Foundation (501c3) OWASP Leaders Lists OWASP OWASP Board of Board of Operation Technical Books Project Directors Advisors Director Director Leaders OWASP Community
Chapitres
Support
OWASP vs Compliance * ISO * SOX * SAS70 * PCI DSS
Initiatives Building Guide Top 10 Training CLASP Conferences Ajax WebGoat Orizon CBT .NET, Java Chapters Testing Guide Project incubator WebScarab Wiki portal Validation Forums Certification Blogs
9% : Code 41% : Outils 50% : Documentation Catégories de projets 41% 9% OWASP: 50% * Detect * Protect * Life Cycle
OWASP == „Secure SDLC‟
OWASP Avant Le Développement Sensibilisation * OWASP Top 10 * OWASP Top 10 for .NET * OWASP Application Security Desk Reference Project Guidelines * OWASP .NET Project * OWASP Java Project * OWASP Ruby On Rails Project
OWASP Avant Le Développement Formation Flawed Applications * Broken Web Applications / Insecure Web App * Mutillidae / SiteGenerator / Vicnum * WebGoat * WebGoat.NET * iGoat
OWASP Conception & Développement * OWASP Development Guide * OWASP Enterprise API (ESAPI)
OWASP Conception & Développement * OWASP Application Security Verification Standard * OWASP Code Review Project
OWASP Test & Maintenance Tests * OWASP Testing Guide * OWASP Tools : LAPSE , Orizon WebScarab , Zed Attack Proxy .. Maintenance * OWASP CSRFGuard * OWASP ModSecurity Core Rule Set * OWASP Appsensor
OWASP Software Assurance * OWASP CLASP (Comprehensive, Lightweight Application Security Process) * OpenSAMM (Software Assurance Maturity Model )
OWASP … OWASP PCI Project OWASP Mobile Security Project OWASP Cloud Security
Merci Pour Votre Attention OWASP Tunisie

Recommended

Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014Sebastien Gioria
 
OWASP, PHP, life and universe
OWASP, PHP, life and universeOWASP, PHP, life and universe
OWASP, PHP, life and universeSebastien Gioria
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
OWASP Bulgaria
OWASP BulgariaOWASP Bulgaria
OWASP BulgariaZero Science Lab
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory LectureG. Geshev
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр АнтухOWASP Russia
 
Uop ntc 324 week 5 individual lab challenge new
Uop ntc 324 week 5 individual lab challenge newUop ntc 324 week 5 individual lab challenge new
Uop ntc 324 week 5 individual lab challenge newolivergeorg
 

Recommended

Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014CLUSIR INFONORD OWASP iot 2014
CLUSIR INFONORD OWASP iot 2014Sebastien Gioria
 
OWASP, PHP, life and universe
OWASP, PHP, life and universeOWASP, PHP, life and universe
OWASP, PHP, life and universeSebastien Gioria
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
OWASP Bulgaria
OWASP BulgariaOWASP Bulgaria
OWASP BulgariaZero Science Lab
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
[OWASP-Bulgaria] G. Geshev - Chapter Introductory LectureG. Geshev
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр АнтухOWASP Russia
 
Uop ntc 324 week 5 individual lab challenge new
Uop ntc 324 week 5 individual lab challenge newUop ntc 324 week 5 individual lab challenge new
Uop ntc 324 week 5 individual lab challenge newolivergeorg
 
Power
PowerPower
Powerrubenrodriguez_esteban
 
Despedida uma pequena maravilha
Despedida uma pequena maravilhaDespedida uma pequena maravilha
Despedida uma pequena maravilhaatravessandofronteiras
 
Trabajo
TrabajoTrabajo
TrabajoCrhistafari
 
Hlsaa15022013
Hlsaa15022013Hlsaa15022013
Hlsaa15022013DrMinoara
 
Vantagens agil 3
Vantagens agil 3Vantagens agil 3
Vantagens agil 3Júlio Ferreira
 
La instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valencianaLa instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valencianaJoan Ortí Voltas
 
Piecewise Functions 2.pdf
Piecewise Functions 2.pdfPiecewise Functions 2.pdf
Piecewise Functions 2.pdfbwlomas
 
Quality Assurance Quality Enablement
Quality Assurance Quality EnablementQuality Assurance Quality Enablement
Quality Assurance Quality EnablementLeandro Prado
 
Alumnado juana
Alumnado juanaAlumnado juana
Alumnado juanachanerodriguez
 
Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)Charles Upshaw
 
Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103 Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103 julyandrea15
 
Prueba de google
Prueba de googlePrueba de google
Prueba de googleanamorejon
 
História da diocese de tianguá
História da diocese de tianguáHistória da diocese de tianguá
História da diocese de tianguáCésar Rocha
 
презентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина мояпрезентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина мояalexredhill
 
Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4Paquita Ribas
 
Brucella
BrucellaBrucella
BrucellaIngriid Jones
 
Programmable data center
Programmable data centerProgrammable data center
Programmable data centerSeema Jethani
 
Educación y nuevas tecnologías
Educación y nuevas tecnologíasEducación y nuevas tecnologías
Educación y nuevas tecnologíasayecastro
 
Cooperative societies
Cooperative societiesCooperative societies
Cooperative societiesMehul Kanodia
 
Tese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacaoTese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacaoIgor Bulhões
 
[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10OWASP
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012DefCamp
 

More Related Content

Viewers also liked

Hlsaa15022013
Hlsaa15022013Hlsaa15022013
Hlsaa15022013DrMinoara
 
La instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valencianaLa instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valencianaJoan Ortí Voltas
 
Piecewise Functions 2.pdf
Piecewise Functions 2.pdfPiecewise Functions 2.pdf
Piecewise Functions 2.pdfbwlomas
 
Quality Assurance Quality Enablement
Quality Assurance Quality EnablementQuality Assurance Quality Enablement
Quality Assurance Quality EnablementLeandro Prado
 
Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)Charles Upshaw
 
Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103 Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103 julyandrea15
 
Prueba de google
Prueba de googlePrueba de google
Prueba de googleanamorejon
 
História da diocese de tianguá
História da diocese de tianguáHistória da diocese de tianguá
História da diocese de tianguáCésar Rocha
 
презентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина мояпрезентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина мояalexredhill
 
Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4Paquita Ribas
 
Programmable data center
Programmable data centerProgrammable data center
Programmable data centerSeema Jethani
 
Educación y nuevas tecnologías
Educación y nuevas tecnologíasEducación y nuevas tecnologías
Educación y nuevas tecnologíasayecastro
 
Cooperative societies
Cooperative societiesCooperative societies
Cooperative societiesMehul Kanodia
 
Tese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacaoTese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacaoIgor Bulhões
 

Viewers also liked (20)

Power
PowerPower
Power
 
Despedida uma pequena maravilha
Despedida uma pequena maravilhaDespedida uma pequena maravilha
Despedida uma pequena maravilha
 
Trabajo
TrabajoTrabajo
Trabajo
 
Hlsaa15022013
Hlsaa15022013Hlsaa15022013
Hlsaa15022013
 
Vantagens agil 3
Vantagens agil 3Vantagens agil 3
Vantagens agil 3
 
La instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valencianaLa instrumentalització mediatica de la identitat valenciana
La instrumentalització mediatica de la identitat valenciana
 
Piecewise Functions 2.pdf
Piecewise Functions 2.pdfPiecewise Functions 2.pdf
Piecewise Functions 2.pdf
 
Quality Assurance Quality Enablement
Quality Assurance Quality EnablementQuality Assurance Quality Enablement
Quality Assurance Quality Enablement
 
Alumnado juana
Alumnado juanaAlumnado juana
Alumnado juana
 
Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)Back to the basics with ipad’s (1)
Back to the basics with ipad’s (1)
 
Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103 Ensayo. monica reyes 1102 july rojas 1103
Ensayo. monica reyes 1102 july rojas 1103
 
Prueba de google
Prueba de googlePrueba de google
Prueba de google
 
História da diocese de tianguá
História da diocese de tianguáHistória da diocese de tianguá
História da diocese de tianguá
 
презентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина мояпрезентация к занятию русь,россия, родина моя
презентация к занятию русь,россия, родина моя
 
Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4Imatge i Llenguatge Visual - Resum mòduls 3 i 4
Imatge i Llenguatge Visual - Resum mòduls 3 i 4
 
Brucella
BrucellaBrucella
Brucella
 
Programmable data center
Programmable data centerProgrammable data center
Programmable data center
 
Educación y nuevas tecnologías
Educación y nuevas tecnologíasEducación y nuevas tecnologías
Educación y nuevas tecnologías
 
Cooperative societies
Cooperative societiesCooperative societies
Cooperative societies
 
Tese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacaoTese a formacao de saberes profissionais da agronomia em contexto de atuacao
Tese a formacao de saberes profissionais da agronomia em contexto de atuacao
 

Similar to Owasptunisiawebday2011 120112072523-phpapp02

[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10OWASP
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012DefCamp
 
Owasp tools - OWASP Serbia
Owasp tools - OWASP SerbiaOwasp tools - OWASP Serbia
Owasp tools - OWASP SerbiaNikola Milosevic
 
Meucci OWASP Pci Milan 09
Meucci OWASP Pci Milan 09Meucci OWASP Pci Milan 09
Meucci OWASP Pci Milan 09Matteo Meucci
 
Owasp london training course 2010 - Matteo Meucci
Owasp london training course 2010 - Matteo MeucciOwasp london training course 2010 - Matteo Meucci
Owasp london training course 2010 - Matteo MeucciMatteo Meucci
 
SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalVandana Verma
 
OWASP DefectDojo - Open Source Security Sanity
OWASP DefectDojo - Open Source Security SanityOWASP DefectDojo - Open Source Security Sanity
OWASP DefectDojo - Open Source Security SanityMatt Tesauro
 
Building Secure Mashups With OpenAjax
Building Secure Mashups With OpenAjaxBuilding Secure Mashups With OpenAjax
Building Secure Mashups With OpenAjaxelliando dias
 
Shake Hooves With BeEF - OWASP AppSec APAC 2012
Shake Hooves With BeEF - OWASP AppSec APAC 2012Shake Hooves With BeEF - OWASP AppSec APAC 2012
Shake Hooves With BeEF - OWASP AppSec APAC 2012Christian Frichot
 
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected Business
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected BusinessWSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected Business
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected BusinessWSO2
 
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and BeyondPriyanka Aash
 
Kick Start your Application Development and Management Strategy
Kick Start your Application Development and Management Strategy Kick Start your Application Development and Management Strategy
Kick Start your Application Development and Management Strategy WSO2
 
LF_APIStrat17_Keep Your Swagger On
LF_APIStrat17_Keep Your Swagger OnLF_APIStrat17_Keep Your Swagger On
LF_APIStrat17_Keep Your Swagger OnLF_APIStrat
 
ocejwsd 6 preparation guide
ocejwsd 6 preparation guideocejwsd 6 preparation guide
ocejwsd 6 preparation guideGanesh P
 

Similar to Owasptunisiawebday2011 120112072523-phpapp02 (20)

[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10[Wroclaw #5] OWASP Projects: beyond Top 10
[Wroclaw #5] OWASP Projects: beyond Top 10
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012
 
Owasp tools - OWASP Serbia
Owasp tools - OWASP SerbiaOwasp tools - OWASP Serbia
Owasp tools - OWASP Serbia
 
Owasp Serbia overview
Owasp Serbia overviewOwasp Serbia overview
Owasp Serbia overview
 
Meucci OWASP Pci Milan 09
Meucci OWASP Pci Milan 09Meucci OWASP Pci Milan 09
Meucci OWASP Pci Milan 09
 
Owasp london training course 2010 - Matteo Meucci
Owasp london training course 2010 - Matteo MeucciOwasp london training course 2010 - Matteo Meucci
Owasp london training course 2010 - Matteo Meucci
 
SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma Sehgal
 
OWASP DefectDojo - Open Source Security Sanity
OWASP DefectDojo - Open Source Security SanityOWASP DefectDojo - Open Source Security Sanity
OWASP DefectDojo - Open Source Security Sanity
 
Building Secure Mashups With OpenAjax
Building Secure Mashups With OpenAjaxBuilding Secure Mashups With OpenAjax
Building Secure Mashups With OpenAjax
 
OWASP an Introduction
OWASP an Introduction OWASP an Introduction
OWASP an Introduction
 
Locust Fear
Locust FearLocust Fear
Locust Fear
 
Shake Hooves With BeEF - OWASP AppSec APAC 2012
Shake Hooves With BeEF - OWASP AppSec APAC 2012Shake Hooves With BeEF - OWASP AppSec APAC 2012
Shake Hooves With BeEF - OWASP AppSec APAC 2012
 
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected Business
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected BusinessWSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected Business
WSO2Con Asia 2014 - WSO2 AppDev Platform for the Connected Business
 
WSO2 AppDev platform
WSO2 AppDev platformWSO2 AppDev platform
WSO2 AppDev platform
 
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
(SACON) Satish Sreenivasaiah - DevSecOps Tools and Beyond
 
Kick Start your Application Development and Management Strategy
Kick Start your Application Development and Management Strategy Kick Start your Application Development and Management Strategy
Kick Start your Application Development and Management Strategy
 
LF_APIStrat17_Keep Your Swagger On
LF_APIStrat17_Keep Your Swagger OnLF_APIStrat17_Keep Your Swagger On
LF_APIStrat17_Keep Your Swagger On
 
2014 09-04-pj
2014 09-04-pj2014 09-04-pj
2014 09-04-pj
 
Web Application Defences
Web Application DefencesWeb Application Defences
Web Application Defences
 
ocejwsd 6 preparation guide
ocejwsd 6 preparation guideocejwsd 6 preparation guide
ocejwsd 6 preparation guide
 

Recently uploaded

Vashi Escorts, {Pooja 09892124323}, Vashi Call Girls
Vashi Escorts, {Pooja 09892124323}, Vashi Call GirlsVashi Escorts, {Pooja 09892124323}, Vashi Call Girls
Vashi Escorts, {Pooja 09892124323}, Vashi Call GirlsPooja Nehwal
 
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...Axel Bruns
 
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...AlexisTorres963861
 
How Europe Underdeveloped Africa_walter.pdf
How Europe Underdeveloped Africa_walter.pdfHow Europe Underdeveloped Africa_walter.pdf
How Europe Underdeveloped Africa_walter.pdfLorenzo Lemes
 
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...narsireddynannuri1
 
25042024_First India Newspaper Jaipur.pdf
25042024_First India Newspaper Jaipur.pdf25042024_First India Newspaper Jaipur.pdf
25042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Israel Palestine Conflict, The issue and historical context!
Israel Palestine Conflict, The issue and historical context!Israel Palestine Conflict, The issue and historical context!
Israel Palestine Conflict, The issue and historical context!Krish109503
 
26042024_First India Newspaper Jaipur.pdf
26042024_First India Newspaper Jaipur.pdf26042024_First India Newspaper Jaipur.pdf
26042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Different Frontiers of Social Media War in Indonesia Elections 2024
Different Frontiers of Social Media War in Indonesia Elections 2024Different Frontiers of Social Media War in Indonesia Elections 2024
Different Frontiers of Social Media War in Indonesia Elections 2024Ismail Fahmi
 
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docxkfjstone13
 
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victory
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep VictoryAP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victory
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victoryanjanibaddipudi1
 
23042024_First India Newspaper Jaipur.pdf
23042024_First India Newspaper Jaipur.pdf23042024_First India Newspaper Jaipur.pdf
23042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Roberts Rules Cheat Sheet for LD4 Precinct Commiteemen
Roberts Rules Cheat Sheet for LD4 Precinct CommiteemenRoberts Rules Cheat Sheet for LD4 Precinct Commiteemen
Roberts Rules Cheat Sheet for LD4 Precinct Commiteemenkfjstone13
 
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptx
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptxLorenzo D'Emidio_Lavoro sullaNorth Korea .pptx
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptxlorenzodemidio01
 
Brief biography of Julius Robert Oppenheimer
Brief biography of Julius Robert OppenheimerBrief biography of Julius Robert Oppenheimer
Brief biography of Julius Robert OppenheimerOmarCabrera39
 
Manipur-Book-Final-2-compressed.pdfsal'rpk
Manipur-Book-Final-2-compressed.pdfsal'rpkManipur-Book-Final-2-compressed.pdfsal'rpk
Manipur-Book-Final-2-compressed.pdfsal'rpkbhavenpr
 
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...Ismail Fahmi
 
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptx
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptxKAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptx
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptxjohnandrewcarlos
 
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...Pooja Nehwal
 
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service Kolhapur
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service KolhapurCollege Call Girls Kolhapur Aanya 8617697112 Independent Escort Service Kolhapur
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service KolhapurCall girls in Ahmedabad High profile
 

Recently uploaded (20)

Vashi Escorts, {Pooja 09892124323}, Vashi Call Girls
Vashi Escorts, {Pooja 09892124323}, Vashi Call GirlsVashi Escorts, {Pooja 09892124323}, Vashi Call Girls
Vashi Escorts, {Pooja 09892124323}, Vashi Call Girls
 
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...
Dynamics of Destructive Polarisation in Mainstream and Social Media: The Case...
 
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...
Defensa de JOH insiste que testimonio de analista de la DEA es falso y solici...
 
How Europe Underdeveloped Africa_walter.pdf
How Europe Underdeveloped Africa_walter.pdfHow Europe Underdeveloped Africa_walter.pdf
How Europe Underdeveloped Africa_walter.pdf
 
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...
Nurturing Families, Empowering Lives: TDP's Vision for Family Welfare in Andh...
 
25042024_First India Newspaper Jaipur.pdf
25042024_First India Newspaper Jaipur.pdf25042024_First India Newspaper Jaipur.pdf
25042024_First India Newspaper Jaipur.pdf
 
Israel Palestine Conflict, The issue and historical context!
Israel Palestine Conflict, The issue and historical context!Israel Palestine Conflict, The issue and historical context!
Israel Palestine Conflict, The issue and historical context!
 
26042024_First India Newspaper Jaipur.pdf
26042024_First India Newspaper Jaipur.pdf26042024_First India Newspaper Jaipur.pdf
26042024_First India Newspaper Jaipur.pdf
 
Different Frontiers of Social Media War in Indonesia Elections 2024
Different Frontiers of Social Media War in Indonesia Elections 2024Different Frontiers of Social Media War in Indonesia Elections 2024
Different Frontiers of Social Media War in Indonesia Elections 2024
 
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx
2024 03 13 AZ GOP LD4 Gen Meeting Minutes_FINAL.docx
 
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victory
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep VictoryAP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victory
AP Election Survey 2024: TDP-Janasena-BJP Alliance Set To Sweep Victory
 
23042024_First India Newspaper Jaipur.pdf
23042024_First India Newspaper Jaipur.pdf23042024_First India Newspaper Jaipur.pdf
23042024_First India Newspaper Jaipur.pdf
 
Roberts Rules Cheat Sheet for LD4 Precinct Commiteemen
Roberts Rules Cheat Sheet for LD4 Precinct CommiteemenRoberts Rules Cheat Sheet for LD4 Precinct Commiteemen
Roberts Rules Cheat Sheet for LD4 Precinct Commiteemen
 
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptx
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptxLorenzo D'Emidio_Lavoro sullaNorth Korea .pptx
Lorenzo D'Emidio_Lavoro sullaNorth Korea .pptx
 
Brief biography of Julius Robert Oppenheimer
Brief biography of Julius Robert OppenheimerBrief biography of Julius Robert Oppenheimer
Brief biography of Julius Robert Oppenheimer
 
Manipur-Book-Final-2-compressed.pdfsal'rpk
Manipur-Book-Final-2-compressed.pdfsal'rpkManipur-Book-Final-2-compressed.pdfsal'rpk
Manipur-Book-Final-2-compressed.pdfsal'rpk
 
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...
HARNESSING AI FOR ENHANCED MEDIA ANALYSIS A CASE STUDY ON CHATGPT AT DRONE EM...
 
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptx
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptxKAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptx
KAHULUGAN AT KAHALAGAHAN NG GAWAING PANSIBIKO.pptx
 
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...
Call Girls in Mira Road Mumbai ( Neha 09892124323 ) College Escorts Service i...
 
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service Kolhapur
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service KolhapurCollege Call Girls Kolhapur Aanya 8617697112 Independent Escort Service Kolhapur
College Call Girls Kolhapur Aanya 8617697112 Independent Escort Service Kolhapur
 

Owasptunisiawebday2011 120112072523-phpapp02

  • 1. OWASP Tunisia Chapter The OWASP Foundation http://www.owasp.org Les Standards OWASP Tunisia WebDays 2011 Semeh Arbi OWASP Tunisia Chapter Email : semeh.arbi@owasp.org Décembre 2011
  • 2. OWASP ??!!!!! (OWASP) : Open Web Application Security Project * Organization internationale à but non-lucratif * Indépendante des fournisseurs et des gouvernements * Sponsorisé par les membres ou par des entreprises Mission Principale : * Produire des documents , standards et outils dédiés à la sécurité des applications Web
  • 3. License Approch == “OPEN” * Toutes les documentations, standards et outils sont fournis sous une license open-source. GFDL GPL BSD License Creative Commons
  • 4. Organisation OWASP OWASP Conferences OWASP Governance OWASP Wiki OWASP OWASP Tools Chapter OWASP Foundation (501c3) OWASP Leaders Lists OWASP OWASP Board of Board of Operation Technical Books Project Directors Advisors Director Director Leaders OWASP Community
  • 7. OWASP vs Compliance * ISO * SOX * SAS70 * PCI DSS
  • 8. Initiatives Building Guide Top 10 Training CLASP Conferences Ajax WebGoat Orizon CBT .NET, Java Chapters Testing Guide Project incubator WebScarab Wiki portal Validation Forums Certification Blogs
  • 9. 9% : Code 41% : Outils 50% : Documentation Catégories de projets 41% 9% OWASP: 50% * Detect * Protect * Life Cycle
  • 11. OWASP Avant Le Développement Sensibilisation * OWASP Top 10 * OWASP Top 10 for .NET * OWASP Application Security Desk Reference Project Guidelines * OWASP .NET Project * OWASP Java Project * OWASP Ruby On Rails Project
  • 12. OWASP Avant Le Développement Formation Flawed Applications * Broken Web Applications / Insecure Web App * Mutillidae / SiteGenerator / Vicnum * WebGoat * WebGoat.NET * iGoat
  • 13. OWASP Conception & Développement * OWASP Development Guide * OWASP Enterprise API (ESAPI)
  • 14. OWASP Conception & Développement * OWASP Application Security Verification Standard * OWASP Code Review Project
  • 15. OWASP Test & Maintenance Tests * OWASP Testing Guide * OWASP Tools : LAPSE , Orizon WebScarab , Zed Attack Proxy .. Maintenance * OWASP CSRFGuard * OWASP ModSecurity Core Rule Set * OWASP Appsensor
  • 16. OWASP Software Assurance * OWASP CLASP (Comprehensive, Lightweight Application Security Process) * OpenSAMM (Software Assurance Maturity Model )
  • 17. OWASP … OWASP PCI Project OWASP Mobile Security Project OWASP Cloud Security
  • 18. Merci Pour Votre Attention OWASP Tunisie

Editor's Notes

  1. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  2. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  3. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  4. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  5. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  6. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  7. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  8. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  9. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  10. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  11. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  12. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  13. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  14. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  15. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  16. Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.