Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
OWASP A&D Project
OWASP A&D Project Leaders
Takaharu Ogasa
Yuichi Hattori
Shota Sato
Apr 15, 2018
What’s OWASP A&D Project?
• A&D stands for Attack and Defense.
• OWASP A&D Project is a
Deliberately Vulnerable Web-applic...
A&D Platform
• The platform will include
– standalone mode for self-study
– Competition mode mode for event
• The platform...
A&D Platform
A&D Platform Overview(Competition Mode)
Operator’s
Server
Participant’s
servers
Status Check
Attack
Fix And S...
Competition Mode
• Competition mode is for multi users event.
• We will provide
– Ranking and Score Graph
– Auto Scoring
–...
A&D Platform Overview(Standalone Mode)
A&D Platform
Check Server
(Automated
Or
Manual)
Challenge’s
Servers
Status Check
At...
Standalone Mode
• Standalone mode is for Self-Study.
• Standalone mode concept is developer can
study at home.
• We will p...
Roadmap of next 6 months
• develop A&D platform.
• develop 3 insecure web application for the
platform.
• create A&D Quick...
Deliverables of next 6 months
• Attack and Defense Quick Start Guide(PDF).
– For Event, For Self-Study.
• A&D Platform
– s...
Nächste SlideShare
Wird geladen in …5
×

OWASP A&D Project

OWASP A&D Project Introduction

Ähnliche Bücher

Kostenlos mit einer 30-tägigen Testversion von Scribd

Alle anzeigen

Ähnliche Hörbücher

Kostenlos mit einer 30-tägigen Testversion von Scribd

Alle anzeigen
  • Als Erste(r) kommentieren

OWASP A&D Project

  1. 1. OWASP A&D Project OWASP A&D Project Leaders Takaharu Ogasa Yuichi Hattori Shota Sato Apr 15, 2018
  2. 2. What’s OWASP A&D Project? • A&D stands for Attack and Defense. • OWASP A&D Project is a Deliberately Vulnerable Web-application Interactive Platform focuses on web application developers to fix its vulnerabilities through the real world like environment. – We call this platform A&D platform. • The project aim is participants to acquire skills of find and fix web application vulnerabilities.
  3. 3. A&D Platform • The platform will include – standalone mode for self-study – Competition mode mode for event • The platform will support – automatic attack to the web application – Status check for web application vulnerabilities
  4. 4. A&D Platform A&D Platform Overview(Competition Mode) Operator’s Server Participant’s servers Status Check Attack Fix And Search (SSH) View Status and Ranking (HTTP)
  5. 5. Competition Mode • Competition mode is for multi users event. • We will provide – Ranking and Score Graph – Auto Scoring – Match system like Tennis
  6. 6. A&D Platform Overview(Standalone Mode) A&D Platform Check Server (Automated Or Manual) Challenge’s Servers Status Check Attack Fix And Search (SSH) View Status (HTTP)
  7. 7. Standalone Mode • Standalone mode is for Self-Study. • Standalone mode concept is developer can study at home. • We will provide study environment include vulnerabilities description. • We will provide some challenges what adjusted a insecure web application for A&D event.
  8. 8. Roadmap of next 6 months • develop A&D platform. • develop 3 insecure web application for the platform. • create A&D Quick Start Guide for Event . • create A&D Quick Start Guide for Self-Study. • Finalize the A&D project and have it reviewed to be promoted from an Incubator Project to a Lab Project.
  9. 9. Deliverables of next 6 months • Attack and Defense Quick Start Guide(PDF). – For Event, For Self-Study. • A&D Platform – source code, docker image, and vm image. • Three Insecure web application – source code, docker image, and vm image.

×