[Owasp-leaders] FW: OWASP Projects

Jeff Williams jeff.williams at aspectsecurity.com
Tue Jul 18 23:13:43 EDT 2006

Hi folks,

The folks at Korelogic have offered to lead the Metrics project and take
on a new project to produce some standards for application assessments.

In their words, the Assessment Standards "project will not define how to
technically to conduct an assessment (refer to OWASP Testing Project);
it is instead meant to tie business operations and information
management practices to application security in order to establish a
common, consistent set of standards which provide guidance in conducting
such assessments."

Please read their writeups and give them some comments.


-----Original Message-----
From: Cliff Barlow [mailto:cbarlow at korelogic.com] 
Sent: Friday, July 14, 2006 3:14 PM
To: jeff.williams at aspectsecurity.com
Cc: Bob Austin
Subject: OWASP Projects


Attached are the two project outlines that we've discussed.

We believe the Metrics project document to be ready for posting but
since we discussed we thought it appropriate to get your review before
doing so.

As for the Assessment Standards project, we see this as potentially
susceptible to political - organizational battles and are concerned.
You are more familiar with potential land mines so hoping as you read
through if you could let us know how this would play.  Once we get your
feedback, we'll adjust and post if all agree on benefits and success


Cliff Barlow, CISSP-ISSMP
KoreLogic Security
Director Consulting Services
269.982.1707 (Office)
269.876.0442 (Mobile)
PGP Fingerprint:  3AC7 DB29 FF36 5163 F608  3A03 C468 DA21 6404 C85F

This E-mail and any of its contents may contain KoreLogic, Inc.
proprietary information, which is privileged, confidential, or subject
to copyright belonging to KoreLogic. This E-mail is intended solely for
the use of the individual or entity to which it is addressed. If you are
not the intended recipient of this E-mail, you are hereby notified that
any dissemination, distribution, copying, or action taken in relation to
the contents of and attachments to this E-mail is strictly prohibited
and may be unlawful. If you have received this E-mail in error, notify
the sender or e-mail kore at korelogic.com immediately and permanently
delete the original and any copy of this E-mail.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ATT01866.doc
Type: application/msword
Size: 139264 bytes
Desc: ATT01866.doc
Url : https://lists.owasp.org/mailman/private/owasp-leaders/attachments/20060718/e42e2df3/attachment.doc 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ATT01869.doc
Type: application/msword
Size: 114688 bytes
Desc: ATT01869.doc
Url : https://lists.owasp.org/mailman/private/owasp-leaders/attachments/20060718/e42e2df3/attachment-0001.doc 

More information about the OWASP-Leaders mailing list