OWASP Embedded Application Security Project - There are many challenges in the embedded field including limited memory, a small stack and the challenge of pushing firmware updates. The goal of this project is to identify the risks in embedded hardware applications, create a list of best practices and draw on the resources OWASP already has and bring that to the embedded world. Please contact Aaron Weaver if you wish to contribute to the project.
OWASP OpenStack Security Project - The OWASP OpenStack Security Project is an effort to provide security testing techniques and tools to assess the security of the OpenStack code base. Generally speaking, the OpenStack community is primarily developers of OpenStack and companies which are implementing all or parts of OpenStack. This project provides a bridge between the OpenStack community and the OWASP community of security professionals. The project leader is also a member of OpenStack and is a member of the OpenStack Security Group. OpenStack has the desire to be the Linux of Cloud infrastructure, and OWASP can be the community that ensures the security of that Cloud. Please contact Matt Tesauro if you wish to contribute to the project
OWASP ZAP 2.0.0 is now available for Download
Simon Bennetts, OWASP Zap's Project Leader, is planning to host a Google hangout demonstrating many of these features at 17:00 UTC on Friday 8th Feb. Details to be announced via twitter
For more information on Zap 2.0 new features, please visit the OWASP Official Blog
OWASP AntiSamy Version 1.5 is finally released!
AntiSamy V1.5 promises to be significantly faster than previous releases; your mileage will vary anything from just some percent to a full 5 times faster, depending on use cases. A lot of attention has been put to typical "server" validation cases in this release. This version requires java 1.5.
For more information on this initiative, please visit the OWASP AntiSamy Project Page
OWASP & Black Hat EU - OWASP is proud to once again partner with Black Hat Europe in 2013. Join us in Amsterdam, March 12-15, 2013 for the premiere conference on information security. Take advantage of an exclusive 15% discount off Black Hat Europe Briefings. OWASP members may simply enter the following code: 15OwaSpBHeu13 when completing the registration process. Click Here to Register
OWASP & RSA Conference 2013 - New for this year, OWASP has partnered with the RSA conference taking place February 25-March 1, 2013. Register today to access the industry's most in-depth intelligence over five information packed days in San Francisco. Use the following code to receive an additional $100 off the current registration price: 1213OWASPDL100.
While attending the conference, come check out our talk on Friday, March 1 in the Association Track "Security: Looking Forward - Protecting critical applications with OWASP" presented by Michael Coates, Chairman of the OWASP Global Board of Directors
Call for 2014 Global AppSec Conference Proposals
We are currently solicitating proposals for our four OWASP Global AppSec conferences in 2014. Conferences will be selected to facilitate on Global AppSec conference in each quarter of the year. Conferences will be held in North America, South America, Europe, and the Asia Pacific regions. New for 2014, we will be moving the North American event to Q2!
Those interested in submitting a proposal, should learn more about the recommended planning steps here and submit your application to the OWASP Event Management System
- Global AppSec Asia Pacific - Q1 (Applications due by March 1, 2013)
- Global AppSec North America - Q2 (Applications due by April 1, 2013)
- Global AppSec Europe - Q3 (Applications due by July 1, 2013)
- Global AppSec Latin America - Q4 (Applications due by September 1, 2013)
If you have any questions or need assistance with your application, do not hesitate to contact Sarah Baso or the Global Conferences Committee