[OWASP-GUIDE] Here are the allocations I currently have for Release 2
Andrew van der Stock
avanderstock at b-sec.com
Thu Dec 12 18:21:05 EST 2002
Mark,
No worries. Let me deliver on the .NET Passport section first, and then
I'll help out the guys on ASP.NET, etc. If they want, I have some
content they may be interested in to get them started. As it's in MS
Office format, and quite large, if they can mail me off-line, that'd be
great. The PPT file has a good 30 slides on ASP.NET lockdowns alone, and
I'm sure that can be modified into some basic lockdowns tout de suite.
ISO 17799 is easy to comply with - it's basically improving suggestions
that we already make. A full audit will take time, and sure, let's say
3.0 is going to be fully compliant, but I'm happy to ensure that any
section I review or write is 17799-ready. That way we know there's less
work to do for 3.0 in this area. I'm sure others have 17799 as well, and
are likely to use it day to day.
Also, Australia/NZ risk consultants should be compliant with AS4360, the
risk management standard (and as far as I am aware, the only risk
management standard in the world). I will provide review comments to any
chapter that deals with risk. It may be enough to say something along
the lines of "Australian and New Zealand risk management practices
should be compliant with AS4360, available from Standards Australia".
Thanks,
Andrew
-----Original Message-----
From: owasp-guide-admin at lists.sourceforge.net
[mailto:owasp-guide-admin at lists.sourceforge.net] On Behalf Of Mark
Curphey
Sent: Friday, 13 December 2002 9:56 AM
To: owasp-guide at lists.sourceforge.net; owasp-guide at lists.sourceforge.net
Cc: ivan.arce at core-sdi.com
Subject: RE: [OWASP-GUIDE] Here are the allocations I currently have for
Release 2
.NET passport would be fantastic and maybe you can work with the .NET
framework and ASP.net guys if you have time.
I'll jot you down for that.
ISO - 7799 is an intereting thought, not one that we have discussed
before. I think it has some value, but if its OK with you I would like
to table it for discussion for Release 3.0 ?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3269 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-guide/attachments/20021213/97b97ddc/attachment.bin
More information about the Owasp-guide
mailing list