owasp community in lviv

Organization, Methodology, Projects and Tools

OWASP Community Lviv

Nazar Tymoshyk, Security Consultant, R&D Team, SoftServeAugust, 2012

About me

Security consultant @

Security certified:

Security interests:

Researches: VMI,Honeynets, IDSPenTest, SE, WebSec

Personal interests: Researching, Skiingand Rock Climbing

Member:

3

Standard for Application security

Over 140 Projects

5

Over 30,000 Subscribers

World wide Events

AppSec Conference

InfoSec Conference

Goals of organization

Common standard for application

security

App excellence

Education

Integrity

Innovative

Linked to Life

Independence

8

DETECT PROTECT ECOSYSTEM

Tools

AntiSamy .NET/Java

ModSecurity CRS

WebScarab

Zed Attack Proxy

Live CD Enterprise Security API

DETECT PROTECT

Code Crawler

Perspective projects

WAF

GoatDroid Mobile Security

iGoat

Mantra

Wapiti

AppSensor NAXSI

11

TOP 10

12

Application Security Verification Standard

13

Code Review Guide

14

Testing Guide

15

Development Guide

Software Assurance Maturity Model (SAMM)

…for next session.

?