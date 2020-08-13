
Running an AppSec Program with Open Source Projects Vandana Verma Sehgal
❖ OWASP Global Board of Directors ❖ President - InfosecGirls ❖ Award-winning Cybersecurity Professional ❖ Keynote Speaker, ...
AppSec Framework Threat Modeling Vulnerability Testing Training & Awareness Knowledge Management Source Code Review Defect...
Requirement Gathering
OWASP Security RAT OWASP Security RAT (Requirement Automation Tool) is a tool to assist with the problem of addressing sec...
OWASP Security Knowledge Framework SKF is an open source security knowledge-base including manageable projects with checkl...
Threat Modeling
OWASP Threat Dragon It is a tool used to create threat model diagrams and to record possible threats and decide on their m...
OWASP pytm OWASP pytm: A Pythonic framework for threat modeling Define your system in Python using the elements and proper...
Source Code Review
Source Code Review Code Review Checklist Guide for the security issues in the code and recommendations on how to fix them ...
Source Code Review OWASP Cheat Sheet Series OWASP Cheat Sheet Series was created to provide a set of simple good practice ...
Software Component Analysis (SCA)
Software Component Analysis (SCA) OWASP Dependency-Check Dependency-Check is a Software Composition Analysis (SCA) tool th...
Vulnerability Testing
Web Application Testing OWASP Web Security Testing Guide The Web Security Testing Guide (WSTG) Project produces the premie...
Mobile Apps Testing Mobile Security Testing Guide The MSTG is a comprehensive manual for mobile app security testing and r...
Automated testing OWASP ZAP ZAP is an open-source web application security scanner. It is intended to be used by both thos...
Defect Tracking
OWASP DefectDojo DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage our a...
Defensive Controls
Defensive Controls OWASP CSRFGuard It’s a list of security techniques that should be included in every software developmen...
Proactive Controls
Training & Awareness
OWASP WebGoat OWASP WebGoat is a deliberately insecure application that allows interested developers just like you to test...
OWASP Security Shepherd OWASP Security Shepherd is a web and mobile application security training platform. Security Sheph...
OWASP DevSlop The OWASP DevSlop project contains several modules, all with the purpose of teaching participants about DevS...
OWASP Juice Shop OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used i...
Awareness – Web App OWASP Top 10 The OWASP Top 10 is the reference standard for the most critical web application security...
Awareness OWASP Mobile Top 10 The Mobile Top 10 is the reference standard for the most critical mobile application securit...
Awareness OWASP Top 10 Privacy Risks Top 10 list for privacy risks in web applications and related countermeasures https:/...
Knowledge Management
Knowledge Management OWASP Application Security Verification Standard ASVS Project provides a basis for testing web applic...
Knowledge Management OWASP Snakes And Ladders Snakes and Ladders is an educational project. It uses gamification to promot...
AppSec Framework with Open Source (OWASP) Tools • Code Review Guide • Risk Assessment Framework • Threat Dragon • pytm • S...
Contribute If you wish to contribute to the projects, or to suggest any improvements or changes, then please do so via the...
HOW DO WE MOVE FORWARD
Free places to learn AppSec OWASP https://www.owasp.org/ Your nearest local OWASP Chapter https://owasp.org/chapters/
As a Community If you look like you don’t belong, then buckle up, believe in yourself and engage with the technical commun...
Reach Me! Twitter: @InfosecVandana LinkedIn: vandana-verma Email: vandana.infosec@gmail.com
Thank you!
Running an app sec program with OWASP projects_ Defcon AppSec Village
