Owasp tunisia web day 2011

852 views

Published on

Presentation of OWASP Tunisia during the Tunisia Webdays 2011

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
852
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Open Web Application Security Project (OWASP) is a not-for-profit worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative, open way.Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
  • Owasp tunisia web day 2011

    1. 1. OWASP Tunisia Chapter The OWASP Foundation http://www.owasp.org Les Standards OWASP Tunisia WebDays 2011 Semeh Arbi OWASP Tunisia Chapter Email : semeh.arbi@owasp.orgDécembre 2011
    2. 2. OWASP ??!!!!!(OWASP) : Open Web Application Security Project* Organization internationale à but non-lucratif* Indépendante des fournisseurs et des gouvernements* Sponsorisé par les membres ou par des entreprisesMission Principale :* Produire des documents , standards et outils dédiés à lasécurité des applications Web
    3. 3. LicenseApproch == “OPEN”* Toutes les documentations, standards et outils sont fournis sous une license open-source. GFDL GPL BSD License Creative Commons
    4. 4. OrganisationOWASP OWASPConferences OWASP Governance OWASP Wiki OWASP OWASP Tools Chapter OWASP Foundation (501c3) OWASP Leaders Lists OWASP OWASP Board of Board of Operation Technical Books Project Directors Advisors Director Director Leaders OWASPCommunity
    5. 5. Chapitres
    6. 6. Support
    7. 7. OWASP vs Compliance * ISO * SOX * SAS70 * PCI DSS
    8. 8. Initiatives Building Guide Top 10 Training CLASP Conferences Ajax WebGoat Orizon CBT .NET, Java ChaptersTesting Guide Project incubator WebScarab Wiki portal Validation Forums Certification Blogs
    9. 9. 9% : Code41% : Outils50% : Documentation Catégories de projets 41% 9% OWASP: 50% * Detect * Protect * Life Cycle
    10. 10. OWASP == „Secure SDLC‟
    11. 11. OWASP Avant Le DéveloppementSensibilisation* OWASP Top 10* OWASP Top 10 for .NET* OWASP Application Security Desk Reference ProjectGuidelines* OWASP .NET Project* OWASP Java Project* OWASP Ruby On Rails Project
    12. 12. OWASP Avant Le DéveloppementFormationFlawed Applications* Broken Web Applications / Insecure Web App* Mutillidae / SiteGenerator / Vicnum* WebGoat* WebGoat.NET* iGoat
    13. 13. OWASP Conception & Développement* OWASP Development Guide* OWASP Enterprise API (ESAPI)
    14. 14. OWASP Conception & Développement* OWASP Application Security Verification Standard* OWASP Code Review Project
    15. 15. OWASP Test & MaintenanceTests* OWASP Testing Guide* OWASP Tools : LAPSE , Orizon WebScarab , Zed Attack Proxy ..Maintenance* OWASP CSRFGuard* OWASP ModSecurity Core Rule Set* OWASP Appsensor
    16. 16. OWASP Software Assurance* OWASP CLASP (Comprehensive, Lightweight Application Security Process)* OpenSAMM (Software Assurance Maturity Model )
    17. 17. OWASP …OWASP PCI ProjectOWASP Mobile Security ProjectOWASP Cloud Security
    18. 18. Merci Pour Votre Attention OWASP Tunisie

    ×