Download Advanced SQL Injection - Victor Chapela

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
Document related concepts
no text concepts found
Transcript 
Java Project Status
OWASP
AppSec
Seattle
Oct 2006
Rohyt Belani
OWASP Java Project Lead
Managing Director, MANDIANT
[email protected]
Copyright © 2006 - The OWASP Foundation
Permission is granted to copy, distribute and/or modify this document under the
terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this
license, visit http://creativecommons.org/licenses/by-sa/2.5/
The OWASP Foundation
http://www.owasp.org/
The Objective
 To facilitate the building of secure Java and J2EE
applications
 Introduce Software Architects to security design and
architectural considerations
 Arm Java developers with the know-how to cover the
spectrum of security issues during development, such as
input validation, encryption, error handling, logging, etc.
 Assist application deployers in reducing the attack
surface of the application servers
 Provide security testers information on security analysis
tools and techniques
OWASP AppSec Seattle 2006
2
What have we achieved?
Started in June 2006
Led by Stephen De Vries & Rohyt Belani
Over 50 members subscribed to the project
mailing list
11 articles
Several more articles in the works
Articles provide practical information
supplemented with appropriate snippets of code
OWASP AppSec Seattle 2006
3
Our plan going forward…
Provide practical coverage on noteworthy
frameworks like Struts, Hibernate, etc.
Complete work on the current list of articles in
the next 6 months
Make this project the “one stop shop” for the
security needs of Java developers
We need your help to make this happen!
OWASP AppSec Seattle 2006
4
What you can do…
Provide suggestions on topics that you will like
covered in addition to those currently outlined in
the project roadmap
Initiate and participate in appropriate idea
exchanges on the project mailing list
Contribute by writing articles or even pieces of
larger articles
Secure the world…function() by function()
OWASP AppSec Seattle 2006
5
For more information…
Visit:
http://www.owasp.org/index.php/Category:OWASP_Java_Project
Email Contact:
Rohyt Belani: [email protected]
Stephen De Vries: [email protected]
OWASP AppSec Seattle 2006
6
Related documents
View Report - PDF
View Report - PDF
Slide 1
Slide 1
OWASP_WebGoat
OWASP_WebGoat
Do`s and Don`ts for web application developers
Do`s and Don`ts for web application developers
Colinwatson-a-new-ontology-of-unwanted-automation
Colinwatson-a-new-ontology-of-unwanted-automation
From Startup to IPO: Managing Security Risk in a Rapidly Growing
From Startup to IPO: Managing Security Risk in a Rapidly Growing
OWASP Education Project
OWASP Education Project
OWASP_Flyer_Sep06
OWASP_Flyer_Sep06
OWASP`s Ten Most Critical Web Application Security Vulnerabilities
OWASP`s Ten Most Critical Web Application Security Vulnerabilities
OWASPEU_SourceReview
OWASPEU_SourceReview
Secure Coding Practices
Secure Coding Practices
Slide 1
Slide 1
OWASP_Academies_Meeting_GR_presented
OWASP_Academies_Meeting_GR_presented
Advanced Web Services Security & Hacking
Advanced Web Services Security & Hacking
Alternative authorisation strategies
Alternative authorisation strategies
AppSecEU08-ReformAndCanoodle-Eddington
AppSecEU08-ReformAndCanoodle-Eddington
ppt - owasp
ppt - owasp
OWASP_ellak-Greece
OWASP_ellak-Greece
AppSecEU08-SRF_Simon_Roses
AppSecEU08-SRF_Simon_Roses
Project Plan Template
Project Plan Template
OWASPAU08_Session_8_Eddington
OWASPAU08_Session_8_Eddington
Media:Adam Boulton Security Assessing Java RMI
Media:Adam Boulton Security Assessing Java RMI