Open Web Application Security Project -- promotes the cause of application security. The cause of AppSec: software that is more resistant to hackers.
Members (74)

Stream


Tibor Fekete
owner

Radar (interesting)  - 
 
 
Learn #Hacking with Kali #Linux — Free eBook (for limited time) — Get Your Copy Now http://bit.ly/1ZRCSVO 
Over 70 recipes to help you master Kali Linux for effective penetration security testing.

Timur Khrotko (x)
owner

Meetups  - 
 
about a 2014 event
2 comments
 
fair point :)

Timur Khrotko (x)
owner

Radar (interesting)  - 
 
an appsec magazine

OWASP HU
moderator

Repo (useful)  - 
 
OWASP ASVS V3
Application Security Verification Standard 3.0. ASVS 3.0 in English. (download PDF - 1.2 MB). We are looking for translators for this version. If you can help us, please contact the project mail list! Legacy Application Security Verification Standard 2.0 (final) ...

OWASP HU
moderator

Meetups  - 
 
Glenn ten Cate (OWASP NL)
OWASP Security knowledge Framework -- Survival is not mandatory
@ OWASP track @hacktivityconf 1510 
slides: https://drive.google.com/open?id=0B0cClYnFAJHmM19tdFpxdHRDZjhOeld5a0xJbHltWW9jbTRr

OWASP HU
moderator

Meetups  - 
 
Márk Vinkovits (HU, Security engineer / LogMeIn)
I play Jack of Information Disclosure – How to do threat modeling via playing cards
@ OWASP track @hacktivityconf 1510 
slides: https://drive.google.com/open?id=0B0cClYnFAJHmeTRDakx4Q25yYlU

Timur Khrotko (x)
owner

Repo (useful)  - 
 
ThreadFix Community Edition
http://www.threadfix.org/product-tour/

Timur Khrotko (x)
owner

Repo (useful)  - 
 
"The Problem – Cycle time for software is getting shorter – Continuous delivery is a goal – Scanning windows are not viable – First mover / first to market advantage ... The Solution - Automated software testing - Automated operational infrastructure - Automated security testing"
 
Some really great ideas here from +Matt Tesauro 
Bruce Lee once said “Don’t get set into one form, adapt it and build your own, and let it grow, be like water”. AppSec needs to look beyond itself for answers to solving problems since we live in a world of ever increasing numbers of apps. Technology and apps have invaded our lives, so how do you lead a security counter-insurgency? One way is to look at the key tenets of DevOps and apply those that make sense to your approach to AppSec. Somethi...

Timur Khrotko (x)
owner

Repo (useful)  - 

About this community

Open Web Application Security Project -- promotes the cause of application security. The cause of AppSec: software that is more resistant to hackers. ✦ AppSec -- make it work! ✦

Timur “x” Khrotko
owner

Radar (interesting)  - 

Timur Khrotko (x)
owner

Radar (interesting)  - 
 
Independent security advice can keep you out of The Register's security section

Tibor Fekete
owner

Discussion (opinion)  - 
 
"Bake security into the foundations of your applications. Don't make it something that has to be reasoned about down the line by non-experts. For example: If a developer has to ask themselves if they should generate a nonce randomly or if it would be okay to just pass the same value every time, you have failed."
There are three forms of dishonesty: Lies, damned lies, and security trade-offs.

Tibor Fekete
owner

Radar (interesting)  - 
 
The Depressing Effect of Bug Bounties - Why we need to focus on capacity building

OWASP HU
moderator

Meetups  - 
 
Jim Manico (OWASP)
OAuth and the Hungarian Proverb, Addig nyújtózkodj, amíg a takaród ér
@ OWASP track @hacktivityconf 1510 

OWASP HU
moderator

Meetups  - 
 
Martin Knobloch (OWASP NL)
Secure software, start appreciating your developers!
@ OWASP track @hacktivityconf 1510
slides: https://drive.google.com/open?id=0B0cClYnFAJHmN2NzUjBNejRjOXBKUDN5SkYwUERyaWJNWUZF

Tibor Fekete
owner

Radar (interesting)  - 
 
“Short-term solutions tend to stay with us for a very long time. And long-term solutions tend to never happen,” said Yakov Rekhter, one of the engineers who invented the “three-napkins protocol.” “That’s what I learned from this experience.”

A nice bit of technology history, but it is posted here because of the lesson above. Let's prevent trouble early on: with a little attention, let's develop more thought-out, more secure systems.
A key protocol created as a short-term solution in 1989 is designed to automatically trust users, a flaw that leaves the network ripe for attack.

Timur Khrotko (x)
owner

Repo (useful)  - 
 
"OWASP dependency-check is an open source solution for the OWASP Top 10 2013 entry: A9 - Using Components with Known Vulnerabilities. Dependency-check can currently be used to scan Java applications (and their dependent libraries) to identify known vulnerable components."

Timur Khrotko (x)
owner

Radar (interesting)  - 
 
It’s harder every day for IT security professionals to fight off the latest attacks. Utilities such as antivirus software and intrusion prevention systems (IPSs) are often ineffective against today’s advanced malware and emerging cyberthreats... #enterprisesecurity #guidelines #networksecurity
 
downloadable