SlideShare a Scribd company logo

OWASP Community Lviv Organization, Methodology, Projects and Tools

Download as PPTX, PDF
T
Tjylen Veselyj

The document discusses the OWASP organization, its goals of independence, innovation, integrity, and education. It has over 140 projects and 30,000 subscribers worldwide. Projects include tools like WebScarab, Zed Attack Proxy, and code analysis projects like GoatDroid and Mantra. OWASP creates application security standards, guides for code review, testing, and development.

1 of 17
OWASP Community Lviv Organization, Methodology, Projects and Tools Nazar Tymoshyk, Security Consultant, R&D Team, SoftServe August, 2012
About me Security consultant @ Security certified: Security interests: PenTest, SE, WebSec Researches: VMI,Honeynets, IDS Member: Personal interests: Researching, Skiing and Rock Climbing
Standard for Application security 3
Over 140 Projects
Over 30,000 Subscribers 5
World wide Events InfoSec Conference AppSec Conference
Goals of organization Independence Common standard for application Innovative security Integrity App excellence Education Linked to Life
DETECT PROTECT ECOSYSTEM 8
Tools DETECT PROTECT WebScarab AntiSamy .NET/Java Zed Attack Proxy ModSecurity CRS Live CD Enterprise Security API Code Crawler
Perspective projects GoatDroid Mobile Security iGoat Wapiti Mantra WAF AppSensor NAXSI
TOP 10 11
Application Security Verification Standard 12
Code Review Guide 13
Testing Guide 14
Development Guide 15
Software Assurance Maturity Model (SAMM) …for next session.
OWASP Community Lviv Organization, Methodology, Projects and Tools

Recommended

Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Directorate of Information Security | Ditjen Aptika
 
VGTU Intro to Threats 2015
VGTU Intro to Threats 2015VGTU Intro to Threats 2015
VGTU Intro to Threats 2015slicklash
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLooking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLudovic Petit
 
This World of Ours
This World of OursThis World of Ours
This World of Oursslicklash
 
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...Cristian Garcia G.
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure SentinelBGA Cyber Security
 
Introduction to Threat Modeling
Introduction to Threat ModelingIntroduction to Threat Modeling
Introduction to Threat Modelingslicklash
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friendsMažvydas Skuodas
 

Recommended

Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Directorate of Information Security | Ditjen Aptika
 
VGTU Intro to Threats 2015
VGTU Intro to Threats 2015VGTU Intro to Threats 2015
VGTU Intro to Threats 2015slicklash
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLooking Forward… and Beyond - Distinctiveness Through Security Excellence
Looking Forward… and Beyond - Distinctiveness Through Security ExcellenceLudovic Petit
 
This World of Ours
This World of OursThis World of Ours
This World of Oursslicklash
 
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...Cristian Garcia G.
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure SentinelBGA Cyber Security
 
Introduction to Threat Modeling
Introduction to Threat ModelingIntroduction to Threat Modeling
Introduction to Threat Modelingslicklash
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friendsMažvydas Skuodas
 
Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
F5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are FailingF5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are FailingGlobal Business Events
 
Secure Coding 2013
Secure Coding 2013 Secure Coding 2013
Secure Coding 2013 The eCore Group
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019African Cyber Security Summit
 
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIEROSécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIEROTelecomValley
 
security in development lifecycle
security in development lifecyclesecurity in development lifecycle
security in development lifecycleTelecomValley
 
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...TelecomValley
 
Anatomy Of Web App
Anatomy Of Web AppAnatomy Of Web App
Anatomy Of Web AppAung Khant
 
개발자가 알아야 할 보안
개발자가 알아야 할 보안개발자가 알아야 할 보안
개발자가 알아야 할 보안Johnny Cho
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
DotnetsecurecodingpracticesAung Khant
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemCodero
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersGustavo Nieves Arreaza
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesPotato
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?S&T Consulting Hungary
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Satheesh Kumar V
 
Dev week cloud world conf2021
Dev week cloud world conf2021Dev week cloud world conf2021
Dev week cloud world conf2021Archana Joshi
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
六合彩香港-六合彩
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩baoyin
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsIBM Security
 

More Related Content

What's hot

Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
F5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are FailingF5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are FailingGlobal Business Events
 
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIEROSécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIEROTelecomValley
 
security in development lifecycle
security in development lifecyclesecurity in development lifecycle
security in development lifecycleTelecomValley
 
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...TelecomValley
 
Anatomy Of Web App
Anatomy Of Web AppAnatomy Of Web App
Anatomy Of Web AppAung Khant
 
개발자가 알아야 할 보안
개발자가 알아야 할 보안개발자가 알아야 할 보안
개발자가 알아야 할 보안Johnny Cho
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
DotnetsecurecodingpracticesAung Khant
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemCodero
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersGustavo Nieves Arreaza
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesPotato
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?S&T Consulting Hungary
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Satheesh Kumar V
 
Dev week cloud world conf2021
Dev week cloud world conf2021Dev week cloud world conf2021
Dev week cloud world conf2021Archana Joshi
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 

What's hot (20)

Internship brochure
Internship brochureInternship brochure
Internship brochure
 
F5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are FailingF5 Networks- Why Legacy Security Systems are Failing
F5 Networks- Why Legacy Security Systems are Failing
 
Secure Coding 2013
Secure Coding 2013 Secure Coding 2013
Secure Coding 2013
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019
 
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIEROSécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
Sécurité by design + Cloud = Infrastructure as Code par Sergio LOURIERO
 
security in development lifecycle
security in development lifecyclesecurity in development lifecycle
security in development lifecycle
 
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
 
Anatomy Of Web App
Anatomy Of Web AppAnatomy Of Web App
Anatomy Of Web App
 
개발자가 알아야 할 보안
개발자가 알아야 할 보안개발자가 알아야 할 보안
개발자가 알아야 할 보안
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security Challenges
 
Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
Dotnetsecurecodingpractices
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection System
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
Application Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testersApplication Security Testing for Software Engineers ,Developers and testers
Application Security Testing for Software Engineers ,Developers and testers
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practices
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service Providers
 
Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?Miben nyújt többet a Cisco ASA + FirePOWER Services?
Miben nyújt többet a Cisco ASA + FirePOWER Services?
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017
 
Dev week cloud world conf2021
Dev week cloud world conf2021Dev week cloud world conf2021
Dev week cloud world conf2021
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 

Similar to OWASP Community Lviv Organization, Methodology, Projects and Tools

六合彩香港-六合彩
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩baoyin
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsIBM Security
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsBlack Duck by Synopsys
 
Cloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudCloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudTjylen Veselyj
 
Fendley how secure is your e learning
Fendley how secure is your e learningFendley how secure is your e learning
Fendley how secure is your e learningBryan Fendley
 
Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Jason Jolley
 
Setting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSetting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSebastien Deleersnyder
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Mykhailo Antonishyn
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012DefCamp
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersIBM Security
 
Sperasoft talks: Android Security Threats
Sperasoft talks: Android Security ThreatsSperasoft talks: Android Security Threats
Sperasoft talks: Android Security ThreatsSperasoft
 
10 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 202310 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 2023SofiaCarter4
 
The DevSecOps Advantage: A Comprehensive Guide
The DevSecOps Advantage: A Comprehensive Guide The DevSecOps Advantage: A Comprehensive Guide
The DevSecOps Advantage: A Comprehensive Guide Dev Software
 
Managed security services
Managed security servicesManaged security services
Managed security servicesmanoharparakh
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityAnne Oikarinen
 
Panda Security2008
Panda Security2008Panda Security2008
Panda Security2008tswong
 
Software Security Initiative And Capability Maturity Models
Software Security Initiative And Capability Maturity ModelsSoftware Security Initiative And Capability Maturity Models
Software Security Initiative And Capability Maturity ModelsMarco Morana
 
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN ITWHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN ITTekRevol LLC
 

Similar to OWASP Community Lviv Organization, Methodology, Projects and Tools (20)

六合彩香港-六合彩
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
 
Cloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudCloud Security vs Security in the Cloud
Cloud Security vs Security in the Cloud
 
Fendley how secure is your e learning
Fendley how secure is your e learningFendley how secure is your e learning
Fendley how secure is your e learning
 
Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!
 
Setting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyderSetting up a secure development life cycle with OWASP - seba deleersnyder
Setting up a secure development life cycle with OWASP - seba deleersnyder
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.
 
Introduction to Application Security Testing
Introduction to Application Security TestingIntroduction to Application Security Testing
Introduction to Application Security Testing
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012OWASP Overview of Projects You Can Use Today - DefCamp 2012
OWASP Overview of Projects You Can Use Today - DefCamp 2012
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
Sperasoft talks: Android Security Threats
Sperasoft talks: Android Security ThreatsSperasoft talks: Android Security Threats
Sperasoft talks: Android Security Threats
 
10 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 202310 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 2023
 
The DevSecOps Advantage: A Comprehensive Guide
The DevSecOps Advantage: A Comprehensive Guide The DevSecOps Advantage: A Comprehensive Guide
The DevSecOps Advantage: A Comprehensive Guide
 
Managed security services
Managed security servicesManaged security services
Managed security services
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
 
Panda Security2008
Panda Security2008Panda Security2008
Panda Security2008
 
Software Security Initiative And Capability Maturity Models
Software Security Initiative And Capability Maturity ModelsSoftware Security Initiative And Capability Maturity Models
Software Security Initiative And Capability Maturity Models
 
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN ITWHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
WHAT IS APP SECURITY – THE COMPLETE PROCESS AND THE TOOLS & TESTS TO RUN IT
 
Webinar–That is Not How This Works
Webinar–That is Not How This WorksWebinar–That is Not How This Works
Webinar–That is Not How This Works
 

More from Tjylen Veselyj

Web Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationWeb Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationTjylen Veselyj
 
Intro to Security in SDLC
Intro to Security in SDLCIntro to Security in SDLC
Intro to Security in SDLCTjylen Veselyj
 
Welcome to the world of hacking
Welcome to the world of hackingWelcome to the world of hacking
Welcome to the world of hackingTjylen Veselyj
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012Tjylen Veselyj
 
Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudTjylen Veselyj
 
Security hole #5 application security science or quality assurance
Security hole #5 application security science or quality assuranceSecurity hole #5 application security science or quality assurance
Security hole #5 application security science or quality assuranceTjylen Veselyj
 
Sh#3 incident forensics
Sh#3 incident forensicsSh#3 incident forensics
Sh#3 incident forensicsTjylen Veselyj
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicMobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicTjylen Veselyj
 

More from Tjylen Veselyj (10)

Web Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationWeb Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combination
 
Intro to Security in SDLC
Intro to Security in SDLCIntro to Security in SDLC
Intro to Security in SDLC
 
Welcome to the world of hacking
Welcome to the world of hackingWelcome to the world of hacking
Welcome to the world of hacking
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
 
iOS Forensics
iOS Forensics iOS Forensics
iOS Forensics
 
Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the Cloud
 
Security hole #5 application security science or quality assurance
Security hole #5 application security science or quality assuranceSecurity hole #5 application security science or quality assurance
Security hole #5 application security science or quality assurance
 
Sh#3 incident forensics
Sh#3 incident forensicsSh#3 incident forensics
Sh#3 incident forensics
 
Sql Injection V.2
Sql Injection V.2Sql Injection V.2
Sql Injection V.2
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicMobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final Public
 

OWASP Community Lviv Organization, Methodology, Projects and Tools

Editor's Notes

  1. АналогAntiSamyдля .NET є Microsoft AntiXSS. Розроблявся Aspect SecurityWebScarabFragments - extracts Scripts and HTML comments from HTML pages as they are seen via the proxy, or other plugins Beanshell 
  2. Code Crawler