OWASP Updates

[Mark Curphey <mark () curphey com>]

We are still trying to get our servers back from Cogent. They took them when our hosting company didn't pay their bill 
! If anyone can help (especially if you are from Cogent) please contact Jeff Williams. If your company hosts with 
Cogent please call up your rep and voice your opinion. We are running on backup which isn't ideal and may not be able 
to stay online for long unless Cogent returns the boxes. Likewise if you have any reasonable hardware you can donate, 
it will now be tax deductible with the OWASP Foundation. 

Jeff Williams took over from myself as Chair a while back and with Jeff's work we now have the OWASP Foundation setup, 
the OWASP Board of Advisors (which includes Chuck Phleeger and several members from top Wall Street Banks and US 
financial services companies) and are getting more organized by the day. We now have a dedicated circuit from which to 
run the OWASP site.

The portal has a full CMS being integrated that will vastly improve the site. We are working on discussion boards as 
well sometime this year and other ideas.

OWASP Conference - The schedule is now up on the OWASP site. As I think you'll agree the agenda is pretty impressive 
with some great speakers. We expect to be able to start tasking credit cards by the end of next week, in the meantime 
seats are limited to 300 and I would strongly recommend PayPal or a check to secure a place. 

Testing Part 1 - Is currently being proof read ready for release. 

New projects coming soon.

ANSA - There is a new version of ANSA (ASP.NET security analyzer) already coded and just being finished. Lots of new 
vulnerability checks and easier to install and extend.

Software Security Metrics - Jack Danahy (CEO of Ounce Labs) will be running a software security metrics project. You 
can sign up for that list at the OWASP Sourceforge site and help Jack define the projects charter. 

Web Privacy - Brendon Lynch will be running a web privacy project. Brendon is a member of the IAPP (International 
Association of Privacy Professionals) and having worked with him in the past this is going to be a great project.  

J2EE / .NET Guides and others things - We are working with a large financial services company who is planning to donate 
J2EE, .NET and other Guides to OWASP as well as potentially some tools and help with technical editing. This is an 
excellent trend as large companies are joining in to help us officially.

Lastly - I owe lots of people who volunteered for editing a reply email. We are very thankful for the offers. I am just 
swamped with work and life and trying to catch up. Please bear with me.

Cheers,


Mark