Nikola Milosevic, profile picture
Uploaded byNikola Milosevic
PPT, PDF1,078 views

Owasp Serbia overview

The document provides an overview of OWASP Serbia, which is a local chapter of OWASP (Open Web Application Security Project). It summarizes what OWASP is, its mission to improve application security, core values of being open, innovative, global and with integrity. It also describes some of OWASP's projects like the Top 10 vulnerabilities, Application Security Verification Standard, and tools like ZAP and WebGoat. Finally it discusses the local chapter in Serbia, its activities and goals.

Technology
Related topics:
Information Security

Embed presentation

Downloaded 27 times
OWASP Serbia Overview Nikola Milošević OWASP Serbia Local Chapter Leader P3 Communications nikola.milosevic@owasp.org OWASP 9.4.2012. Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http://www.owasp.org
What is OWASP Professional organization Professionals, students, companies, universities Awarness Standards Tools Distributed, global peers OWASP 2
Mission  Make application security visible so that people and organizations can make informed decisions about true application security risk  What causes?  • Immediate causes – vulnerabilities themselves  • Developers and operators  • Organizational structure, development process, supporting technology  • Increasing connectivity and complexity  • Legal and regulatory environment  • Asymmetric information in the software market OWASP 3
OWASP Core Values  OPEN Everything at OWASP is radically transparent from our finances to our code.  INNOVATION OWASP encourages and supports innovation/experiments for solutions to software security challenges.  GLOBAL Anyone around the world is encouraged to participate in the OWASP community.  INTEGRITY OWASP is an honest and truthful, vendor agnostic, global community OWASP 4
OWASP Code of Ethics  Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;  Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;  To communicate openly and honestly;  Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of employers, the information security profession, or the Association;  To maintain and affirm our objectivity and independence;  To reject inappropriate pressure from industry or others; OWASP 5
Why should I care about security? OWASP 6
Why should I care about security? Increased fraquency of attacks Complexity of malware Hacktivism Online crime Internet warfare Technological espionage Cracking Etc... OWASP 7
OWASP Projects - General 3 groups: Protect – Tools and docs used to protect Detect – Tools and docs used to find Life Cycle – Tools and docs used to add security related activities in Software Developement Lifecycle Everyone can start project, after review and acceptance from Global Committee OWASP 8
OWASP Projects – OWASP Top 10 OWASP 9
OWASP Projects – OWASP Application Security Verification Standard OWASP Standardization The first internationally-recognized standard for conducting application security assessments. Security testing and code review techniques Covers both automated and manual approaches for assessing Web application – released Web services – in progress OWASP 10
OWASP Projects – OWASP Live CD Content OWASP 11
OWASP Projects – OWASP Frameworks OWASP AntySami Project (Java,.NET) API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks OWASP Enterprise Security API (ESAPI) Free and open collection of all the security methods that a developer needs to build a secure web application. OWASP Mod Security Rule Set Project web application firewall engine generic protection from unknown vulnerabilities often found in web applications OWASP 12
OWASP Projects – OWASP Guides OWASP Development Guide OWASP .NET Project OWASP Ruby on Rails Security Guide OWASP Secure Coding Practices – Quick Reference OWASP Code Review Guide OWASP Testing Guide OWASP Legal Project OWASP 13
OWASP Projects – OWASP Tools OWASP JBroFuzz Project JBroFuzz is a web application fuzzer for requests being made over HTTP or HTTPS OWASP Web Scarab Project Tool for performing all types of security testing on web applications and web services OWASP Zed Attack Proxy penetration testing tool for finding vulnerabilities in web applications. used by people with a wide range of security experience Toolsmith tool of the year 2011 OWASP 14
OWASP Projects – OWASP Web Goat Educational project Want to learn how to test security on web app? Try Web Goat! Learn to perform OWASP Top 10 Other Goat projects: GoatDroid iGoat OWASP 15
OWASP Local chapters - Overview 94 Countries 288 Local Chapters OWASP 16
OWASP Local chapters - Overview Local communities Working on rising awareness of IT Security Management level Developer level Ordinary people Knowledge sharing Local chapters contribute on OWASP projects Guided by Local Chapter Handbook OWASP 17
AppSec conferences  OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. Started in 2004. in USA, 2005. in Europe Global AppSec conferences AppSec Asia-Pacific 11. – 14. April, Sydney, Australia Global AppSec Research 10 – 13 July, Athens, Greece AppSec North America 22 – 26 Oct, Austin,TX AppSec Latin America 14 – 16 Nov, Buenos Aires, Argentina OWASP 18
AppSec conferences Regional and Local AppSec Conferences OWASP Day – usualy one day conference One or more days OWASP 19
Academic partners OWASP 20
Sponsors Content OWASP 21
Google Summer of Code 2012 OWASP is officialy selected as GSoC mentoring organization  1) Think of a good idea – For reference see GSoC 2012 Ideas  2) Do some research yourself based on the idea, write up a proposal draft  3) Post it to the mailing list at gsoc@lists.owasp.org for initial discussions with OWASP mentors.  4) Based on feedback, write a full proposal – See template below:https://www.owasp.org/index.php/GSoC_SAT  5) Submit your proposal to Google from March 26–April 6, 2012. April – August coding OWASP 22
Local Chapter Serbia Local chapter meetings – every month Spreading the avareness, do the PR OWASP day – hopefuly Competition Working groups – PR, FR, IT... Contribute on global projects Any other ideas? OWASP 23
Questions and Discussion OWASP 24

More Related Content

ODP
OISF - AppSec Presentation
byThreatReel Podcast
 
PDF
2014 09-04-pj
bySébastien GIORIA
 
PDF
Owasp top 10-2017
bymalvvv
 
PDF
OWASP Overview of Projects You Can Use Today - DefCamp 2012
byDefCamp
 
ODP
CiNPA Security SIG - AppSec Presentation
byThreatReel Podcast
 
PDF
Application Security on a Dime: A Practical Guide to Using Functional Open So...
byPOSSCON
 
PDF
Running an app sec program with OWASP projects_ Defcon AppSec Village
byVandana Verma
 
PDF
Running a High-Efficiency, High-Visibility Application Security Program with...
byDenim Group
 
OISF - AppSec Presentation
byThreatReel Podcast
 
2014 09-04-pj
bySébastien GIORIA
 
Owasp top 10-2017
bymalvvv
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
byDefCamp
 
CiNPA Security SIG - AppSec Presentation
byThreatReel Podcast
 
Application Security on a Dime: A Practical Guide to Using Functional Open So...
byPOSSCON
 
Running an app sec program with OWASP projects_ Defcon AppSec Village
byVandana Verma
 
Running a High-Efficiency, High-Visibility Application Security Program with...
byDenim Group
 

What's hot

PDF
Matteo Meucci Isaca Venice - 2017
byMinded Security
 
PDF
OWASP top10 2017, Montpellier JUG de Noel
byHubert Gregoire
 
PDF
La Sécurité des CMS ?
bySebastien Gioria
 
PDF
Optimizing Your Application Security Program with Netsparker and ThreadFix
byDenim Group
 
PPT
iGoat presentation
byeffecthacking
 
PDF
Running a Comprehensive Application Security Program with Checkmarx and Threa...
byDenim Group
 
PDF
ThreadFix and SD Elements Unifying Security Requirements and Vulnerability Ma...
byDenim Group
 
PPTX
2015 CJUG MVC 1.0
bymnriem
 
PDF
42 minutes to secure your code....
bySebastien Gioria
 
PDF
Create a Unified View of Your Application Security Program – Black Duck Hub a...
byDenim Group
 
PDF
DevSecOps - Building continuous security into it and app infrastructures
byPriyanka Aash
 
PDF
Security Code Reviews. Does Your Code Need an Open Heart Surgery and The 6 Po...
bySherif Koussa
 
PPTX
QA Fest 2019. Ирина Бондарук. Breaking into information security
byQAFest
 
PPTX
When is free not free: The true costs of open source
byRogue Wave Software
 
PDF
A worldwide journey to build a secure development environment
byPriyanka Aash
 
PPTX
Application Security Webcast
byVlad Styran
 
PDF
How to transform developers into security people
byPriyanka Aash
 
PDF
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
byOWASP
 
PDF
Securing 100 products - How hard can it be?
byPriyanka Aash
 
PDF
Locust Fear
byAlan Lepofsky
 
Matteo Meucci Isaca Venice - 2017
byMinded Security
 
OWASP top10 2017, Montpellier JUG de Noel
byHubert Gregoire
 
La Sécurité des CMS ?
bySebastien Gioria
 
Optimizing Your Application Security Program with Netsparker and ThreadFix
byDenim Group
 
iGoat presentation
byeffecthacking
 
Running a Comprehensive Application Security Program with Checkmarx and Threa...
byDenim Group
 
ThreadFix and SD Elements Unifying Security Requirements and Vulnerability Ma...
byDenim Group
 
2015 CJUG MVC 1.0
bymnriem
 
42 minutes to secure your code....
bySebastien Gioria
 
Create a Unified View of Your Application Security Program – Black Duck Hub a...
byDenim Group
 
DevSecOps - Building continuous security into it and app infrastructures
byPriyanka Aash
 
Security Code Reviews. Does Your Code Need an Open Heart Surgery and The 6 Po...
bySherif Koussa
 
QA Fest 2019. Ирина Бондарук. Breaking into information security
byQAFest
 
When is free not free: The true costs of open source
byRogue Wave Software
 
A worldwide journey to build a secure development environment
byPriyanka Aash
 
Application Security Webcast
byVlad Styran
 
How to transform developers into security people
byPriyanka Aash
 
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
byOWASP
 
Securing 100 products - How hard can it be?
byPriyanka Aash
 
Locust Fear
byAlan Lepofsky
 

Similar to Owasp Serbia overview

PPT
香港六合彩<六合彩
bydqsmesc
 
PPT
香港六合彩-六合彩
byrakfbe
 
PPT
香港六合彩
bygxsdjh
 
PPT
香港六合彩
bypibpjsxy
 
PPT
香港六合彩 » SlideShare
bybnmbroti
 
PPT
香港六合彩 » SlideShare
bynwnftpbv
 
PPT
Introduction To OWASP
byMarco Morana
 
PDF
Owasp o
bySagar Nangare
 
PDF
OWASP Bulgaria
byZero Science Lab
 
PDF
Owasp top 10 2013 - rc1
byAjay Ohri
 
PPTX
Security of internet
byOWASPKerala
 
PPTX
Chirita ionel owasp europe tour
byChirita Ionel
 
PDF
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
byG. Geshev
 
PDF
Vulnerability Management In An Application Security World: AppSecDC
byDenim Group
 
PDF
OWASP Newsletter May/June 2012
byLudovic Petit
 
PPTX
Do You... Legal?
byLudovic Petit
 
PPT
OWASP - Building Secure Web Applications
byalexbe
 
PPTX
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
byLudovic Petit
 
PDF
SARCON Talk - Vandana Verma Sehgal
byVandana Verma
 
PDF
OWASP Top Ten 2013
byAlessandro Bonu
 
香港六合彩<六合彩
bydqsmesc
 
香港六合彩-六合彩
byrakfbe
 
香港六合彩
bygxsdjh
 
香港六合彩
bypibpjsxy
 
香港六合彩 » SlideShare
bybnmbroti
 
香港六合彩 » SlideShare
bynwnftpbv
 
Introduction To OWASP
byMarco Morana
 
Owasp o
bySagar Nangare
 
OWASP Bulgaria
byZero Science Lab
 
Owasp top 10 2013 - rc1
byAjay Ohri
 
Security of internet
byOWASPKerala
 
Chirita ionel owasp europe tour
byChirita Ionel
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
byG. Geshev
 
Vulnerability Management In An Application Security World: AppSecDC
byDenim Group
 
OWASP Newsletter May/June 2012
byLudovic Petit
 
Do You... Legal?
byLudovic Petit
 
OWASP - Building Secure Web Applications
byalexbe
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
byLudovic Petit
 
SARCON Talk - Vandana Verma Sehgal
byVandana Verma
 
OWASP Top Ten 2013
byAlessandro Bonu
 

More from Nikola Milosevic

PPTX
Classifying intangible social innovation concepts using machine learning and ...
byNikola Milosevic
 
PPTX
Machine learning (ML) and natural language processing (NLP)
byNikola Milosevic
 
PPTX
Veštačka inteligencija
byNikola Milosevic
 
PPTX
AI an the future of society
byNikola Milosevic
 
PPTX
Machine learning prediction of stock markets
byNikola Milosevic
 
PPTX
Equity forecast: Predicting long term stock market prices using machine learning
byNikola Milosevic
 
PPTX
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
byNikola Milosevic
 
PPTX
Extracting patient data from tables in clinical literature
byNikola Milosevic
 
PPTX
Supporting clinical trial data curation and integration with table mining
byNikola Milosevic
 
PPTX
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
byNikola Milosevic
 
PPTX
Serbia2
byNikola Milosevic
 
PPTX
Table mining and data curation from biomedical literature
byNikola Milosevic
 
PDF
Malware
byNikola Milosevic
 
PDF
Sentiment analysis for Serbian language
byNikola Milosevic
 
PDF
Http and security
byNikola Milosevic
 
PDF
Android business models
byNikola Milosevic
 
ODP
Android(1)
byNikola Milosevic
 
PPT
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
byNikola Milosevic
 
PPTX
Mašinska analiza sentimenta rečenica na srpskom jeziku
byNikola Milosevic
 
PPT
Malware
byNikola Milosevic
 
Classifying intangible social innovation concepts using machine learning and ...
byNikola Milosevic
 
Machine learning (ML) and natural language processing (NLP)
byNikola Milosevic
 
Veštačka inteligencija
byNikola Milosevic
 
AI an the future of society
byNikola Milosevic
 
Machine learning prediction of stock markets
byNikola Milosevic
 
Equity forecast: Predicting long term stock market prices using machine learning
byNikola Milosevic
 
BelBi2016 presentation: Hybrid methodology for information extraction from ta...
byNikola Milosevic
 
Extracting patient data from tables in clinical literature
byNikola Milosevic
 
Supporting clinical trial data curation and integration with table mining
byNikola Milosevic
 
Mobile security, OWASP Mobile Top 10, OWASP Seraphimdroid
byNikola Milosevic
 
Serbia2
byNikola Milosevic
 
Table mining and data curation from biomedical literature
byNikola Milosevic
 
Malware
byNikola Milosevic
 
Sentiment analysis for Serbian language
byNikola Milosevic
 
Http and security
byNikola Milosevic
 
Android business models
byNikola Milosevic
 
Android(1)
byNikola Milosevic
 
Sigurnosne prijetnje i mjere zaštite IT infrastrukture
byNikola Milosevic
 
Mašinska analiza sentimenta rečenica na srpskom jeziku
byNikola Milosevic
 
Malware
byNikola Milosevic
 

Recently uploaded

PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PPTX
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
PPTX
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PDF
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
Designing a Blog Using Wordpress
bymarkzubi50
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 

Owasp Serbia overview

  • 1.
    OWASP Serbia Overview Nikola Milošević OWASP Serbia Local Chapter Leader P3 Communications nikola.milosevic@owasp.org OWASP 9.4.2012. Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation http://www.owasp.org
  • 2.
    What is OWASP Professionalorganization Professionals, students, companies, universities Awarness Standards Tools Distributed, global peers OWASP 2
  • 3.
    Mission  Make applicationsecurity visible so that people and organizations can make informed decisions about true application security risk  What causes?  • Immediate causes – vulnerabilities themselves  • Developers and operators  • Organizational structure, development process, supporting technology  • Increasing connectivity and complexity  • Legal and regulatory environment  • Asymmetric information in the software market OWASP 3
  • 4.
    OWASP Core Values OPEN Everything at OWASP is radically transparent from our finances to our code.  INNOVATION OWASP encourages and supports innovation/experiments for solutions to software security challenges.  GLOBAL Anyone around the world is encouraged to participate in the OWASP community.  INTEGRITY OWASP is an honest and truthful, vendor agnostic, global community OWASP 4
  • 5.
    OWASP Code ofEthics  Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;  Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;  To communicate openly and honestly;  Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of employers, the information security profession, or the Association;  To maintain and affirm our objectivity and independence;  To reject inappropriate pressure from industry or others; OWASP 5
  • 6.
    Why should Icare about security? OWASP 6
  • 7.
    Why should Icare about security? Increased fraquency of attacks Complexity of malware Hacktivism Online crime Internet warfare Technological espionage Cracking Etc... OWASP 7
  • 8.
    OWASP Projects -General 3 groups: Protect – Tools and docs used to protect Detect – Tools and docs used to find Life Cycle – Tools and docs used to add security related activities in Software Developement Lifecycle Everyone can start project, after review and acceptance from Global Committee OWASP 8
  • 9.
    OWASP Projects –OWASP Top 10 OWASP 9
  • 10.
    OWASP Projects –OWASP Application Security Verification Standard OWASP Standardization The first internationally-recognized standard for conducting application security assessments. Security testing and code review techniques Covers both automated and manual approaches for assessing Web application – released Web services – in progress OWASP 10
  • 11.
    OWASP Projects –OWASP Live CD Content OWASP 11
  • 12.
    OWASP Projects –OWASP Frameworks OWASP AntySami Project (Java,.NET) API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks OWASP Enterprise Security API (ESAPI) Free and open collection of all the security methods that a developer needs to build a secure web application. OWASP Mod Security Rule Set Project web application firewall engine generic protection from unknown vulnerabilities often found in web applications OWASP 12
  • 13.
    OWASP Projects –OWASP Guides OWASP Development Guide OWASP .NET Project OWASP Ruby on Rails Security Guide OWASP Secure Coding Practices – Quick Reference OWASP Code Review Guide OWASP Testing Guide OWASP Legal Project OWASP 13
  • 14.
    OWASP Projects –OWASP Tools OWASP JBroFuzz Project JBroFuzz is a web application fuzzer for requests being made over HTTP or HTTPS OWASP Web Scarab Project Tool for performing all types of security testing on web applications and web services OWASP Zed Attack Proxy penetration testing tool for finding vulnerabilities in web applications. used by people with a wide range of security experience Toolsmith tool of the year 2011 OWASP 14
  • 15.
    OWASP Projects –OWASP Web Goat Educational project Want to learn how to test security on web app? Try Web Goat! Learn to perform OWASP Top 10 Other Goat projects: GoatDroid iGoat OWASP 15
  • 16.
    OWASP Local chapters- Overview 94 Countries 288 Local Chapters OWASP 16
  • 17.
    OWASP Local chapters- Overview Local communities Working on rising awareness of IT Security Management level Developer level Ordinary people Knowledge sharing Local chapters contribute on OWASP projects Guided by Local Chapter Handbook OWASP 17
  • 18.
    AppSec conferences  OWASPAppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. Started in 2004. in USA, 2005. in Europe Global AppSec conferences AppSec Asia-Pacific 11. – 14. April, Sydney, Australia Global AppSec Research 10 – 13 July, Athens, Greece AppSec North America 22 – 26 Oct, Austin,TX AppSec Latin America 14 – 16 Nov, Buenos Aires, Argentina OWASP 18
  • 19.
    AppSec conferences Regional andLocal AppSec Conferences OWASP Day – usualy one day conference One or more days OWASP 19
  • 20.
  • 21.
  • 22.
    Google Summer ofCode 2012 OWASP is officialy selected as GSoC mentoring organization  1) Think of a good idea – For reference see GSoC 2012 Ideas  2) Do some research yourself based on the idea, write up a proposal draft  3) Post it to the mailing list at gsoc@lists.owasp.org for initial discussions with OWASP mentors.  4) Based on feedback, write a full proposal – See template below:https://www.owasp.org/index.php/GSoC_SAT  5) Submit your proposal to Google from March 26–April 6, 2012. April – August coding OWASP 22
  • 23.
    Local Chapter Serbia Localchapter meetings – every month Spreading the avareness, do the PR OWASP day – hopefuly Competition Working groups – PR, FR, IT... Contribute on global projects Any other ideas? OWASP 23
  • 24.