Slide 1
Slide 1 text
OWASPͷา͖ํ
Innovation EGG ୈ7ճ LT Edition
Slide 2
Slide 2 text
ΣϒΛऔΓר͘Λղܾ͢ΔͨΊͷࠃࡍతͳΦʔϓϯίϛϡχςΟ
Slide 3
Slide 3 text
ຊͰOWASPνϟϓλʔͷઃཱ͕ྲྀߦΔ
࠷ۙɺ2ڌՃͱͳΓ·ͨ͠ɻ
Fukushima
Okinawa
https://www.owasp.org/index.php/Japan
Slide 4
Slide 4 text
ͦΜͳதݱࡏຊྻౡɺɺɺ
Slide 5
Slide 5 text
ΠϯϑϧΤϯβͷରࡦ͞·͟·
جຊతͳ
͏͕͍ɾखચ͍
පӃͰͷ
௨Ӄɾ༧ઁऔ
ϚεΫͷ
ண༻
Slide 6
Slide 6 text
ͦΕͰ͔͔Δͱ͖͔͔Δ
Slide 7
Slide 7 text
γεςϜಉ͡ʂͲΜͳରࡦΛ͍ͯͯ͠μϯ͢Δͱ͖μϯ͢Δ
Slide 8
Slide 8 text
ͱ͜ΖͰɺɺɺɺීஈ͔ΒΠϯϑϧΤϯβରࡦͨΓલʹ͍ͬͯΔɻ
جຊతͳ
͏͕͍ɾखચ͍
පӃͰͷ
௨Ӄɾ༧ઁऔ
ϚεΫͷ
ண༻
Slide 9
Slide 9 text
͍ͬΆ͏ͦͷ͜ΖɺɺɺγεςϜͲ͏͔ɻɻɻ
Slide 10
Slide 10 text
૬ख͕࣌ؒ͋Γɺົͳ߈ܸΛ͔͚ͯ͘͠ΔͭΒ
Slide 11
Slide 11 text
γεςϜಉ͡ʂηΩϡϦςΟରࡦΛͨΓલʹ͍ͯ͜͠͏
Slide 12
Slide 12 text
Ͳ͏ͨΓલʹ͢ΕΑ͍͔ɻOWASPͷπʔϧͰ֬ೝͯ͠ΈΑ͏
Slide 13
Slide 13 text
ηΩϡϦςΟରࡦͷجຊతͳཧղʹOWASPͷυΩϡϝϯτΛݟΑ͏!
جຊతͳ
͏͕͍ɾखચ͍
පӃͰͷ
௨Ӄɾ༧ઁऔ
ϚεΫͷ
ண༻
Slide 14
Slide 14 text
OWASP Top 10Ͱओཁͳ੬ऑੑͱͦͷରࡦΛཧղ!
࠷ۙɺMobile Top10 2016ӳޠ൛Ͱ·ͨ͠ɻ
https://www.owasp.org/index.php/Mobile_Top_10_2016-Top_10
Slide 15
Slide 15 text
ηΩϡϦςΟରࡦΛޮతʹߦ͏ʹOWASPͷπʔϧΛ͓͏!
جຊతͳ
͏͕͍ɾखચ͍
පӃͰͷ
௨Ӄɾ༧ઁऔ
ϚεΫͷ
ண༻
Slide 16
Slide 16 text
OWASP ZAPʹΑΓϫϯΫϦοΫͰ؆୯ʹ੬ऑੑΛνΣοΫ!
Slide 17
Slide 17 text
ͦͷଞπʔϧ
① 要件定義
OWASP ASVS(Application Security Verification Standard
)
Web システム/Web アプリケーションセキュリティ要件書
② 設計・開発
OWASP Cheat Sheet Series
OWASP Proactive Controls
③ テスト・導⼊
OWASP ZAP(Zed Attack Proxy)
OWASP Testing Guide
④ 運⽤・保守
OWASP AppSensor
OWASP Dependency Check
⑤ 知識
OWASP Top10 / Mobile Top10 / IoT Top 10
OWASP Snakes and Ladders
Slide 18
Slide 18 text
OWASP Cheer Sheet Series
Slide 19
Slide 19 text
ηΩϡϦςΟରࡦΛֶͿͳΒOWASPφΠτʹࢀՃ͠Α͏!
جຊతͳ
͏͕͍ɾखચ͍
පӃͰͷ
௨Ӄɾ༧ઁऔ
ϚεΫͷ
ண༻
Slide 20
Slide 20 text
3ϲ݄ʹ1ͷOWASPφΠτͰΣϒηΩϡϦςΟͷ࠷৽ٕज़Λٵऩ!
Slide 21
Slide 21 text
OWASP Kansaiษڧձ͋Γ·͢ɻ
Slide 22
Slide 22 text
ʲࠂʳ4/2ʢʣʹԭೄͷࠃࡍిࢠϏδωεઐֶߍͰOWASP Night Okinawa #1։࠵!
https://owasp-okinawa.doorkeeper.jp/events/41031
Slide 23
Slide 23 text
͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ
ΣϒΛ͔ͨ͠ͳͷʹ