Advanced SQL Injection - Victor Chapela
Download
Report
Transcript Advanced SQL Injection - Victor Chapela
Java Project Status
OWASP
AppSec
Seattle
Oct 2006
Rohyt Belani
OWASP Java Project Lead
Managing Director, MANDIANT
[email protected]
Copyright © 2006 - The OWASP Foundation
Permission is granted to copy, distribute and/or modify this document under the
terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this
license, visit http://creativecommons.org/licenses/by-sa/2.5/
The OWASP Foundation
http://www.owasp.org/
The Objective
To facilitate the building of secure Java and J2EE
applications
Introduce Software Architects to security design and
architectural considerations
Arm Java developers with the know-how to cover the
spectrum of security issues during development, such as
input validation, encryption, error handling, logging, etc.
Assist application deployers in reducing the attack
surface of the application servers
Provide security testers information on security analysis
tools and techniques
OWASP AppSec Seattle 2006
2
What have we achieved?
Started in June 2006
Led by Stephen De Vries & Rohyt Belani
Over 50 members subscribed to the project
mailing list
11 articles
Several more articles in the works
Articles provide practical information
supplemented with appropriate snippets of code
OWASP AppSec Seattle 2006
3
Our plan going forward…
Provide practical coverage on noteworthy
frameworks like Struts, Hibernate, etc.
Complete work on the current list of articles in
the next 6 months
Make this project the “one stop shop” for the
security needs of Java developers
We need your help to make this happen!
OWASP AppSec Seattle 2006
4
What you can do…
Provide suggestions on topics that you will like
covered in addition to those currently outlined in
the project roadmap
Initiate and participate in appropriate idea
exchanges on the project mailing list
Contribute by writing articles or even pieces of
larger articles
Secure the world…function() by function()
OWASP AppSec Seattle 2006
5
For more information…
Visit:
http://www.owasp.org/index.php/Category:OWASP_Java_Project
Email Contact:
Rohyt Belani: [email protected]
Stephen De Vries: [email protected]
OWASP AppSec Seattle 2006
6