VV
Uploaded byVandana Verma
209 views

SARCON Talk - Vandana Verma Sehgal

The Open Web Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools, and technologies related to web application security. It has over 93 active projects led by volunteer community members. Some of the major OWASP projects include the OWASP Top Ten project, the Application Security Verification Standard, the Web Security Testing Guide, and security tools like ZAP, Dependency Check, and DefectDojo.

Embed presentation

Download to read offline
OWASP Projects Vandana Verma Sehgal
WHO AM I ● Security Architect @ IBM India Software Labs ● OWASP Global Board Member, Bangalore Chapter Leader ● Speaker/Trainer at Defcon(AppSec Village), Asst. Trainer at Black Hat, OWASP AppSec Conferences and others ● Member of Review Board at Grace Hopper, BSides Conferences, Global AppSec, etc. ● Diversity Initiatives: InfoSec Girls, OWASP WiA, WoSec
The Open Web Application Security Project (OWASP), an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. Web site - https://www.owasp.org/ • Tools and Resources • Community and Networking • Education & Training
Started in December, 2001 Obtained 501c3 (non-profit) Status in April 2004 OWASP Top Ten List The OWASP foundation has produced many guides, projects, and publications, since their beginning OWASP History
OWASP https://www.owasp.org/ Your nearest local OWASP Chapter https://www.owasp.org/index.php/OWASP_Chapter Free places to learn AppSec
OWASP Projects are a collection of related tasks that have a defined roadmap and team members. Our projects are open source and are built by our community of volunteers - people just like you! OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has ‘over ‘93’ active projects’, and new project applications are submitted every week. OWASP Projects
v OWASP Top Ten https://owasp.org/www-project-top-ten/ v OWASP Application Security Verification Standard (ASVS) https://owasp.org/www-project-application-security-verification-standard/# v OWASP Web Security Testing Guide https://owasp.org/www-project-web-security-testing-guide/ v OWASP Mobile Security Testing Guide https://owasp.org/www-project-mobile-security-testing-guide/ v OWASP Mobile Top 10 https://owasp.org/www-project-mobile-top-10/ OWASP Documentation Projects
OWASP ZAP v https://owasp.org/www-project-zap/ OWASP Dependency-Check v https://owasp.org/www-project-dependency-check/ OWASP Defectdojo v https://owasp.org/www-project-defectdojo/ OWASP Tool Projects
OWASP Mutillidae https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP WebGoat https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project OWASP Juice Shop https://owasp.org/www-project-juice-shop/ Practice Platforms
OWASP ModSecurity Core Rule https://owasp.org/www-project-modsecurity-core-rule-set/ Web Application Firewall
https://owasp.org/www-project-cheat-sheets/ OWASP Cheat Sheet Series
If you wish to contribute to the cheat sheets, or to suggest any improvements or changes, then please do so via the issue tracker on the GitHub repository. Alternatively, join us in the channels on the OWASP Slack. Contribute
HOW DO WE MOVE FORWARD
As a Community ● If you look like you don’t belong, then buckle up, believe in yourself and engage with the technical community ● Leverage the many opportunities for scholarships, travel grants, meetup groups, networks and more.
OWASP Juice Shop v10.0.0 released, March 17, 2020 Global AppSec Dublin postponed to 2021, March 12, 2020 Dublin Call for Papers and Trainers, February 18, 2020 OWASP SAMM v2.0 Released, February 11, 2020 Recent OWASP News
Virtual AppSec Days, April 27-30, 2020 AppSec Morocco & Africa 2020, June 4-5, 2020 Global AppSec SF October 19th-23rd, 2020 Global AppSec Dublin February 15-19th, 2021 Upcoming Conferences
We are Making PROGRESS.. BUT, We Have a Long Way to Go!!
Reach Me! ● Twitter: @InfosecVandana ● LinkedIn: vandana-verma ● Email: vandana.infosec@gmail.com
Thank you!

More Related Content

PDF
Running an app sec program with OWASP projects_ Defcon AppSec Village
byVandana Verma
 
PPTX
[Wroclaw #5] OWASP Projects: beyond Top 10
byOWASP
 
ODP
OISF - AppSec Presentation
byThreatReel Podcast
 
PDF
Owasp top 10-2017
bymalvvv
 
PDF
Application Security on a Dime: A Practical Guide to Using Functional Open So...
byPOSSCON
 
ODP
CiNPA Security SIG - AppSec Presentation
byThreatReel Podcast
 
PDF
Veracode Automation CLI (using Jenkins for SDL integration)
byDinis Cruz
 
PDF
ISC2: AppSec & OWASP Primer
byThreatReel Podcast
 
Running an app sec program with OWASP projects_ Defcon AppSec Village
byVandana Verma
 
[Wroclaw #5] OWASP Projects: beyond Top 10
byOWASP
 
OISF - AppSec Presentation
byThreatReel Podcast
 
Owasp top 10-2017
bymalvvv
 
Application Security on a Dime: A Practical Guide to Using Functional Open So...
byPOSSCON
 
CiNPA Security SIG - AppSec Presentation
byThreatReel Podcast
 
Veracode Automation CLI (using Jenkins for SDL integration)
byDinis Cruz
 
ISC2: AppSec & OWASP Primer
byThreatReel Podcast
 

What's hot

PDF
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
byOWASP
 
PPTX
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
byWebsec México
 
PDF
DevSecOps 101
byNarudom Roongsiriwong, CISSP
 
PPTX
Web application Security tools
byNico Penaredondo
 
PDF
SC conference - Building AppSec Teams
byDinis Cruz
 
PPTX
DevSecOps-OWASP Indonesia Day 2017
bySuman Sourav
 
PDF
[DevSecOps Live] DevSecOps: Challenges and Opportunities
byMohammed A. Imran
 
PPTX
Implementing an Application Security Pipeline in Jenkins
bySuman Sourav
 
PDF
Optimizing Your Application Security Program with Netsparker and ThreadFix
byDenim Group
 
PPTX
From the Frontline of RASP Adoption
byGoran Begic
 
PPTX
23 owasp top 10 - resources
byappsec
 
PDF
OISC 2019 - The OWASP Top 10 & AppSec Primer
byThreatReel Podcast
 
PDF
OWASP top10 2017, Montpellier JUG de Noel
byHubert Gregoire
 
PDF
Appsec training gme
bySalil Kumar Subramony
 
PDF
DevSecOps - Building continuous security into it and app infrastructures
byPriyanka Aash
 
PDF
Owasp and friends
byMažvydas Skuodas
 
PPTX
20160211 OWASP Charlotte RASP
bychadtindel
 
PDF
Dev secops. Real experience.
byVitaly Balashov
 
PPTX
[Wroclaw #2] iOS Security - 101
byOWASP
 
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
byOWASP
 
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
byWebsec México
 
DevSecOps 101
byNarudom Roongsiriwong, CISSP
 
Web application Security tools
byNico Penaredondo
 
SC conference - Building AppSec Teams
byDinis Cruz
 
DevSecOps-OWASP Indonesia Day 2017
bySuman Sourav
 
[DevSecOps Live] DevSecOps: Challenges and Opportunities
byMohammed A. Imran
 
Implementing an Application Security Pipeline in Jenkins
bySuman Sourav
 
Optimizing Your Application Security Program with Netsparker and ThreadFix
byDenim Group
 
From the Frontline of RASP Adoption
byGoran Begic
 
23 owasp top 10 - resources
byappsec
 
OISC 2019 - The OWASP Top 10 & AppSec Primer
byThreatReel Podcast
 
OWASP top10 2017, Montpellier JUG de Noel
byHubert Gregoire
 
Appsec training gme
bySalil Kumar Subramony
 
DevSecOps - Building continuous security into it and app infrastructures
byPriyanka Aash
 
Owasp and friends
byMažvydas Skuodas
 
20160211 OWASP Charlotte RASP
bychadtindel
 
Dev secops. Real experience.
byVitaly Balashov
 
[Wroclaw #2] iOS Security - 101
byOWASP
 

Similar to SARCON Talk - Vandana Verma Sehgal

PPT
Introduction To OWASP
byMarco Morana
 
PDF
OWASP Bulgaria
byZero Science Lab
 
PPTX
Web Application Security Strategy
byNetwork Intelligence India
 
PDF
Owasp top 10 2013 - rc1
byAjay Ohri
 
PDF
Locust Fear
byAlan Lepofsky
 
PPT
Owasp Serbia overview
byNikola Milosevic
 
PDF
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
byG. Geshev
 
PDF
OWASP Overview of Projects You Can Use Today - DefCamp 2012
byDefCamp
 
PPTX
Chirita ionel owasp europe tour
byChirita Ionel
 
PPTX
Security of internet
byOWASPKerala
 
PPT
香港六合彩<六合彩
bydqsmesc
 
PPT
香港六合彩
bypibpjsxy
 
PPT
香港六合彩
bygxsdjh
 
PPT
香港六合彩-六合彩
byrakfbe
 
PPT
香港六合彩 » SlideShare
bynwnftpbv
 
PPT
香港六合彩 » SlideShare
bybnmbroti
 
PDF
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
byOWASP Russia
 
PDF
Owasp o
bySagar Nangare
 
PPT
Owasp Top 10
byShivam Porwal
 
PPTX
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
byLudovic Petit
 
Introduction To OWASP
byMarco Morana
 
OWASP Bulgaria
byZero Science Lab
 
Web Application Security Strategy
byNetwork Intelligence India
 
Owasp top 10 2013 - rc1
byAjay Ohri
 
Locust Fear
byAlan Lepofsky
 
Owasp Serbia overview
byNikola Milosevic
 
[OWASP-Bulgaria] G. Geshev - Chapter Introductory Lecture
byG. Geshev
 
OWASP Overview of Projects You Can Use Today - DefCamp 2012
byDefCamp
 
Chirita ionel owasp europe tour
byChirita Ionel
 
Security of internet
byOWASPKerala
 
香港六合彩<六合彩
bydqsmesc
 
香港六合彩
bypibpjsxy
 
香港六合彩
bygxsdjh
 
香港六合彩-六合彩
byrakfbe
 
香港六合彩 » SlideShare
bynwnftpbv
 
香港六合彩 » SlideShare
bybnmbroti
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
byOWASP Russia
 
Owasp o
bySagar Nangare
 
Owasp Top 10
byShivam Porwal
 
Looking Forward… and Beyond - Distinctiveness Through Security Excellence
byLudovic Petit
 

More from Vandana Verma

PPTX
Applying OWASP web security testing guide (OWSTG)
byVandana Verma
 
PDF
OWASP - Dependency Check
byVandana Verma
 
PPTX
Basics of Server Side Template Injection
byVandana Verma
 
PDF
Building security into the pipelines
byVandana Verma
 
PDF
App Sec village DevSecOps as a culture
byVandana Verma
 
PDF
Incident response in Cloud
byVandana Verma
 
PPTX
Identity & access management
byVandana Verma
 
PPTX
Web sockets - Pentesting
byVandana Verma
 
PPTX
Security audits & compliance
byVandana Verma
 
PPTX
Oscp - Journey
byVandana Verma
 
PPTX
Chariot generic presentation owaspwia_Infosecgirls
byVandana Verma
 
PPTX
SIEM Vendor Neutrality
byVandana Verma
 
PDF
Addo 2019 vandana_dev_secops_culturalchange
byVandana Verma
 
PDF
Sacon 2020 living in the world of zero trust v1.0
byVandana Verma
 
PPTX
Getting started with android
byVandana Verma
 
PPTX
Importance of Penetration Testing
byVandana Verma
 
PPTX
Story of http headers
byVandana Verma
 
Applying OWASP web security testing guide (OWSTG)
byVandana Verma
 
OWASP - Dependency Check
byVandana Verma
 
Basics of Server Side Template Injection
byVandana Verma
 
Building security into the pipelines
byVandana Verma
 
App Sec village DevSecOps as a culture
byVandana Verma
 
Incident response in Cloud
byVandana Verma
 
Identity & access management
byVandana Verma
 
Web sockets - Pentesting
byVandana Verma
 
Security audits & compliance
byVandana Verma
 
Oscp - Journey
byVandana Verma
 
Chariot generic presentation owaspwia_Infosecgirls
byVandana Verma
 
SIEM Vendor Neutrality
byVandana Verma
 
Addo 2019 vandana_dev_secops_culturalchange
byVandana Verma
 
Sacon 2020 living in the world of zero trust v1.0
byVandana Verma
 
Getting started with android
byVandana Verma
 
Importance of Penetration Testing
byVandana Verma
 
Story of http headers
byVandana Verma
 

Recently uploaded

PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
AI Technology important knowledge ......
byutkarshj2007
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 

SARCON Talk - Vandana Verma Sehgal

  • 1.
  • 2.
    WHO AM I ●Security Architect @ IBM India Software Labs ● OWASP Global Board Member, Bangalore Chapter Leader ● Speaker/Trainer at Defcon(AppSec Village), Asst. Trainer at Black Hat, OWASP AppSec Conferences and others ● Member of Review Board at Grace Hopper, BSides Conferences, Global AppSec, etc. ● Diversity Initiatives: InfoSec Girls, OWASP WiA, WoSec
  • 3.
    The Open WebApplication Security Project (OWASP), an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. Web site - https://www.owasp.org/ • Tools and Resources • Community and Networking • Education & Training
  • 4.
    Started in December,2001 Obtained 501c3 (non-profit) Status in April 2004 OWASP Top Ten List The OWASP foundation has produced many guides, projects, and publications, since their beginning OWASP History
  • 5.
    OWASP https://www.owasp.org/ Your nearest localOWASP Chapter https://www.owasp.org/index.php/OWASP_Chapter Free places to learn AppSec
  • 6.
    OWASP Projects area collection of related tasks that have a defined roadmap and team members. Our projects are open source and are built by our community of volunteers - people just like you! OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team. OWASP currently has ‘over ‘93’ active projects’, and new project applications are submitted every week. OWASP Projects
  • 7.
    v OWASP TopTen https://owasp.org/www-project-top-ten/ v OWASP Application Security Verification Standard (ASVS) https://owasp.org/www-project-application-security-verification-standard/# v OWASP Web Security Testing Guide https://owasp.org/www-project-web-security-testing-guide/ v OWASP Mobile Security Testing Guide https://owasp.org/www-project-mobile-security-testing-guide/ v OWASP Mobile Top 10 https://owasp.org/www-project-mobile-top-10/ OWASP Documentation Projects
  • 8.
    OWASP ZAP v https://owasp.org/www-project-zap/ OWASPDependency-Check v https://owasp.org/www-project-dependency-check/ OWASP Defectdojo v https://owasp.org/www-project-defectdojo/ OWASP Tool Projects
  • 9.
  • 10.
    OWASP ModSecurity CoreRule https://owasp.org/www-project-modsecurity-core-rule-set/ Web Application Firewall
  • 11.
  • 12.
    If you wishto contribute to the cheat sheets, or to suggest any improvements or changes, then please do so via the issue tracker on the GitHub repository. Alternatively, join us in the channels on the OWASP Slack. Contribute
  • 13.
    HOW DO WEMOVE FORWARD
  • 14.
    As a Community ●If you look like you don’t belong, then buckle up, believe in yourself and engage with the technical community ● Leverage the many opportunities for scholarships, travel grants, meetup groups, networks and more.
  • 15.
    OWASP Juice Shopv10.0.0 released, March 17, 2020 Global AppSec Dublin postponed to 2021, March 12, 2020 Dublin Call for Papers and Trainers, February 18, 2020 OWASP SAMM v2.0 Released, February 11, 2020 Recent OWASP News
  • 16.
    Virtual AppSec Days,April 27-30, 2020 AppSec Morocco & Africa 2020, June 4-5, 2020 Global AppSec SF October 19th-23rd, 2020 Global AppSec Dublin February 15-19th, 2021 Upcoming Conferences
  • 17.
    We are MakingPROGRESS.. BUT, We Have a Long Way to Go!!
  • 18.
    Reach Me! ● Twitter:@InfosecVandana ● LinkedIn: vandana-verma ● Email: vandana.infosec@gmail.com
  • 19.