In the second session a further four OWASP leaders explain their own projects in 10-minute lightning talks, describing the aims, audience, benefits and free open source outputs available from the following OWASP projects:
- Top 10 Proactive Controls, describing the most important control and control categories that every architect and developer should include in every project, and Cheat Sheet Series, providing a concise collection of high value information on specific web application security topics.
- Offensive Web Testing Framework (OWTF), making security assessments as efficient as possible by automating the manual uncreative part of pen testing, and providing out-of-box support for the OWASP Testing Guide, and NIST and PTES standards.
- Knowledge Based Authentication Performance Metrics, establishing standard performance metrics for knowledge based authentication (KBA) in alignment the NSTIC guiding principles — at the intersection of security, identity and privacy.
- Software Assurance Maturity Model (OpenSAMM), an open framework to help organizations measure, improve and manage their software security practice that is tailored to the specific risks facing the organization.