{% set baseFontFamily = "Open Sans" %} /* Add the font family you wish to use. You may need to import it above. */

{% set headerFontFamily = "Open Sans" %} /* This affects only headers on the site. Add the font family you wish to use. You may need to import it above. */

{% set textColor = "#565656" %} /* This sets the universal color of dark text on the site */

{% set pageCenter = "1400px" %} /* This sets the width of the website */

{% set headerType = "fixed" %} /* To make this a fixed header, change the value to "fixed" - otherwise, set it to "static" */

{% set lightGreyColor = "#f7f7f7" %} /* This affects all grey background sections */

{% set baseFontWeight = "normal" %} /* More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set headerFontWeight = "normal" %} /* For Headers; More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set buttonRadius = '40px' %} /* "0" for square edges, "10px" for rounded edges, "40px" for pill shape; This will change all buttons */

After you have updated your stylesheet, make sure you turn this module off

Secure Development Knowledgebase, "TeamMentor" Beta Program!

by Dinis Cruz on November 3, 2011

After months of re-architecting TeamMentor, Security Innovation’s secure guidance knowledge base repository product, TeamMentor has now officially entered beta.

I (Dinis Cruz) was part of the main development team of this version of TeamMentor, and we were able to add a number of dramatic enhancements, for example:

  • advanced customization capabilities of the content and the application itself
  • online editing functionality
  • lightning-fast navigation
  • easier implementation, distribution and consumption

So what is Team Mentor? Here is the official definition: TeamMentor empowers development teams with contextual knowledge assets that span development languages, technology categories and vulnerabilities. TeamMentor delivers essential intelligence at the time it’s needed to help development teams produce more secure applications, fix security vulnerabilities, and collaborate to create a customized best-practices approach.

For the next few weeks, we are making TeamMentor Beta available to evaluate, and here’s how you can check it out:

  • Try it online at http://50.19.221.68:90 - this is the version ot TeamMentor (TM) with the OWASP Top 10 Library (with 244 Guidance Items)
    • Here are the login details (note that the editor role change changes all content, so try to be gentle with the version online :) )
      • Reader - Reader/changeme
      • Editor - Editor/changeme
      • Administrator - admin/changeme
  • If you want to run TM locally you can download the latest binaries and source code from: OWASP Library - TeamMentor Beta (Tuesday, November 01, 2011).zip
  • Read the lastest news at the TeamMentor mailing list , which you can join to receive updates or to ask questions
  • If you download the TM code and want to run it locally, once you unzip it:
    • Launch the server but running either the "Start NET35.bat" file or the "Start NET4.bat" file (use the one that works for you).
      • Give it a couple of seconds to load. An icon in the system tray should appear, indicating that the "Cassandra" server is running.
      • Please, note tha the "Cassandra" server does not bind to external interfaces by default, so it will only be availableon the local machine when started from the bundled scripts.
    • A web browser should open automatically on the main page.
      • The page might have to be refreshed if the server does not load quickly enough
      • The home page will either http://localhost:12345 or http://localhost:12346
    • Login to the application with one of the pre-defined user accounts (listed above)

On the development side, in addition to jQuery and its multiple plug-ins, I also used the OWASP O2 platform, which for those who don’t know is an OWASP project that I have been leading for the last few years. O2 is focused on automating security knowledge and workflows, and it was used on TeamMentor project due to its powerful C# API’s that allow for quick prototyping and unit test development. If you want to read more about what is happening behind the scenes, take a look at the the TeamMentor development blog or the O2 Platform blog.

Enjoy TeamMentor, and let us know what you think of it :)

Topics: application security

Most Recent

What's Trending

Featured Resource