To make sure you receive future emails,
please add to your address book or safe list.

OWASP Connector February 5, 2013

Standard OWASP Banner                                                                         


OWASP Embedded Application Security Project - There are many challenges in the embedded field including limited memory, a small stack and the challenge of pushing firmware updates.  The goal of this project is to identify the risks in embedded hardware applications, create a list of best practices and draw on the resources OWASP already has and bring that to the embedded world.  Please contact Aaron Weaver if you wish to contribute to the project.

OWASP OpenStack Security Project - The OWASP OpenStack Security Project is an effort to provide security testing techniques and tools to assess the security of the OpenStack code base.  Generally speaking, the OpenStack community is primarily developers of OpenStack and companies which are implementing all or parts of OpenStack.  This project provides a bridge between the OpenStack community and the OWASP community of security professionals.  The project leader is also a member of OpenStack and is a member of the OpenStack Security Group.  OpenStack has the desire to be the Linux of Cloud infrastructure, and OWASP can be the community that ensures the security of that Cloud.  Please contact Matt Tesauro if you wish to contribute to the project


OWASP ZAP 2.0.0 is now available for Download

Simon Bennetts, OWASP Zap's Project Leader, is planning to host a Google hangout demonstrating many of these features at 17:00 UTC on Friday 8th Feb.  Details to be announced via twitter

For more information on Zap 2.0 new features, please visit the OWASP Official Blog

OWASP AntiSamy Version 1.5 is finally released!

AntiSamy V1.5 promises to be significantly faster than previous releases;  your mileage will vary anything from just some percent to a full 5 times faster, depending on use cases.  A lot of attention has been put to typical "server" validation cases in this release.  This version requires java 1.5.

For more information on this initiative, please visit the OWASP AntiSamy Project Page

OWASP Foundation



OWASP & Black Hat EU - 
OWASP is proud to once again partner with Black Hat Europe in 2013.  Join us in Amsterdam, March 12-15, 2013 for the premiere conference on information security.  Take advantage of an exclusive 15% discount off Black Hat Europe Briefings.  OWASP members may simply enter the following code:  15OwaSpBHeu13 when completing the registration process. Click Here to Register 

OWASP & RSA Conference 2013 - New for this year, OWASP has partnered with​​ the RSA conference taking place February 25-March 1, 2013.  Register today to access the industry's most in-depth intelligence over five information packed days in San Francisco.  Use the following code to receive an additional $100 off the current registration price:  1213OWASPDL100.

While attending the conference, come check out our talk on Friday, March 1 in the Association Track "Security:  Looking Forward - Protecting critical applications with OWASP" presented by Michael Coates, Chairman of the OWASP Global Board of Directors

Call for 2014 Global AppSec Conference Proposals

We are currently solicitating proposals for our four OWASP Global AppSec conferences in 2014.  Conferences will be selected to facilitate on Global AppSec conference in each quarter of the year.  Conferences will be held in North America, South America, Europe, and the Asia Pacific regions.  New for 2014, we will be moving the North American event to Q2!
  • Global AppSec Asia Pacific - Q1 (Applications due by March 1, 2013)
  • Global AppSec North America - Q2 (Applications due by April 1, 2013)
  • Global AppSec Europe - Q3 (Applications due by July 1, 2013)
  • Global AppSec Latin America - Q4 (Applications due by September 1, 2013)
Those interested in submitting a proposal, should learn more about the recommended planning steps here and submit your application to the OWASP Event Management System

If you have any questions or need assistance with your application, do not hesitate to contact Sarah Baso or the Global Conferences Committee


February 14, 2013 at 10am EST
(GMT -5)


February 14, 2013 at 10pm EST
(GMT -5)


Please add your recommendations for discussion to the meeting agenda

Links to the recordings of January's meetings can be found on the Initiatives Page
Global Initiatives - Chapter

LATAM 2013
The 2013 OWASP LATAM Tour is being scheduled for March/April 2013.  Each location will host a day of training and a day of talks.  If you are interested in submitting a training proposal, or are interested in sponsoring this event, please visit the LATAM 2013 web page.

NEW CITATION:  The new document from PCI SSC references OWASP - 
Information supplement:  PCI DSS E-commerce Guidelines

Other Citations of National & International Legislation, Standards, Guidelines, Committees and Industry Codes of Practice