[Owasp-guide] OWASP Developer Guide 3.0 Reboot
abraham.kang at owasp.org
Fri Apr 27 16:34:06 UTC 2012
That would be great! I have read the existing Guide two times and have
been making comments in the margins (in terms of gaps and areas that need
I am hoping to have some free time in the following weeks to start writing.
Looking forward to working with you.
On Thu, Apr 26, 2012 at 10:43 PM, Andrew van der Stock
<vanderaj at owasp.org>wrote:
> Thanks for clearing that up - I did not see your standing down in my
> e-mails, so my apologies. Thank you for your efforts in looking after the
> @Abraham, do you feel like co-leading the effort with me? This is a big
> job, and having no bottlenecks is always a good idea with big projects.
> On 26/04/2012, at 6:50 PM, Vishal Garg wrote:
> > Hi Andrew and All,
> > I had stepped down as project lead from OWASP Development Guide
> > project in July last year due to some other commitments at the time. I
> > had made Paulo aware of my intentions. Following this, Abraham Kang
> > had taken the charge for the guide and had become the project lead. I
> > had provided him the Admin rights for both the wiki and the mailing
> > list.
> > If he is still active on this project, I am sure he will be able to
> > provide an update.
> > Regards
> > Vishal
> > ________________________________
> >> From: Andrew van der Stock <vanderaj at owasp.org>
> >> To: owasp-guide at lists.owasp.org
> >> Cc: vishalgrg at gmail.com
> >> Sent: Wednesday, April 25, 2012 6:39 AM
> >> Subject: [Owasp-guide] OWASP Developer Guide 3.0 Reboot
> >> Hi there,
> >> A few weeks ago, I was asked to reboot the OWASP Developer Guide
> >> I've been in deep thought on the matter, as unless you've written a
> book and
> >> in particular, this one, you have no idea what sort of toll it has on
> >> personal life.
> >> As Vishal has not posted for > 12 months, and didn't respond to Paulo in
> >> July last year, the project would currently be classed as inactive. The
> >> Guide 2.0 is approaching its seventh birthday, so it's time to reboot
> it as
> >> that's more than 100 Internet years.
> >> Goals
> >> * The Developer Guide will be re-vamped to be only about leading
> >> for architects and builders. This should make it shorter, or at least
> >> focused.
> >> * Examples will use ESAPI and PHP first, and other languages /
> >> second. Primarily because that will force me to finish the ESAPI for PHP
> >> project. From there, it's trivial to port to other languages and
> >> frameworks.
> >> * All advice on how to test or review code will be removed / donated to
> >> those projects.
> >> * ASVS aimed to be the initial 80% that gets you started. The Developer
> >> Guide will aim for close to 100% coverage of the current landscape,
> >> including fads like big data, cloud, and Ajax (which are really the same
> >> thing as we previously documented).
> >> As there's been some progress on the 3.0, I will take some time to
> >> existing changes to material and outline, and work to bring them into
> >> with OWASP ASVS and the common numbering standard. Once that's done,
> >> open up chapter allocations to contributors.
> >> Deadline
> >> Let's get 'er done by the end of the year. This is entirely possible,
> >> particularly if I can have some helpers.
> >> Vote
> >> Do you folks mind if I take the reins again?
> >> Help
> >> As a quick show of hands, who is available to help with the effort?
> >> thanks,
> >> Andrew
> >> _______________________________________________
> >> Owasp-guide mailing list
> >> Owasp-guide at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-guide
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-guide