OWASP Global Industry Committee

Copyright © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.

The OWASP Foundation

http://www.owasp.org

Colin Watson, Global Industry Committee Member, colin.watson(at)owasp.org

25th June 2009


Page 2: OWASP Global Industry Committee


The World of OWASP

Participants and Contributors

Members

Chapter Leaders, Conference Organisers, Project Leaders and Reviewers

Board

Projects and Working Groups

Global Committees

Employees

Local Chapter

Projects

Membership

Education

Conferences

Industry

Chapters

Page 3: OWASP Global Industry Committee


Industry Committee

Outreach (O)

Position paper / response (P)

Collaborate with other organisations (C)

Rex Booth, David Campbell, Georg Hess, Eoin Keary, Colin Watson, Tom Brennan

Page 4: OWASP Global Industry Committee


InfraGard

Collaboration between the US FBI and maintainers of critical national infrastructure

Presentation to Denver chapter of InfraGard

Completed December 2008

Page 5: OWASP Global Industry Committee

DPC BS 8878:2009

Draft British Standard

First official response

"The goal of any web project should be to create web experiences that are accessible, usable and enjoyable for everyone."

Safe and secure?

Response submitted 31 January 2009

Page 6: OWASP Global Industry Committee

Digital Britain Interim Report

A vision for Britain’s digital economy

"Empowered and informed consumers and citizens fully equipped to take advantage of the opportunities convergence brings."

"Internet: looking at a range of issues affecting internet users, such as user security and safety and a workable approach to promoting content standards."

Response submitted 11 March 2009

Page 7: OWASP Global Industry Committee

Draft NIST SP 800-122

Document to assist US Federal agencies in protecting the confidentiality of Personally Identifiable Information (PII)

Added information and corrections to online related examples

Response submitted 13 March 2009

Page 8: OWASP Global Industry Committee

Draft NIST SP 800-53 Revision 3

Key information security document for US federal sector

Controls to comply with the Federal Information Security Management Act (FISMA)

First major update since 2005

Response submitted 27 March 2009

Final public draft published June 2009

Page 9: OWASP Global Industry Committee

DPC BS 10012

Implementation of a Personal Information Management System (PIMS)

PI rather than information security (IS)

Response submitted 31 March 2009

BS 10012:2009 published May 2009

Page 10: OWASP Global Industry Committee

Frontier Airlines

North American airline based in Denver, Colorado

Presentation covering fundamentals of AppSec and an introduction to OWASP

Completed May 2009

Page 11: OWASP Global Industry Committee

Draft NIST SP 800-118

Draft Guide to Enterprise Password Management

Suggestions focussed on:

increasing information on application-related issues

providing additional detail and references

password complexity requirements must be related to risk and should be kept secret

Response submitted 29 May 2009

Page 12: OWASP Global Industry Committee

CFP Conference 2009

Computers, Freedom and Privacy Conference

Tutorial on “The Web is a Dangerous Place”

Completed June 2009

Page 13: OWASP Global Industry Committee

Insurance Institute of London (IIL)

Insurance Aspects of E-Commerce

Book launch

Potential for future collaboration

Completed June 2009

Page 14: OWASP Global Industry Committee

ENISA Who-Is-Who

European Network and Information Security Agency (ENISA)

EU AppSec EU09 in co-operation with ENISA

Who-is-Who Directory on Network and Information Security 2009 (v4.0)

No OWASP

European chapter leaders

3 UK chapters

OWASP (international)

Page 15: OWASP Global Industry Committee

SAFEcode Secure Software Development

Software Assurance Forum for Excellence in Code

Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today

In progress

Response due 31 July 2009

Page 16: OWASP Global Industry Committee

Contribute

Participate in OWASP projects

Suggest organisations to engage with and documents/standards/drafts to comment on

Provide input to the response creation and review process

Join the Global Industry Committee’s mailing list


http://www.owasp.org/index.php/Global_Industry_Committee

Page 17: OWASP Global Industry Committee


End