[Owasp-testing] Template for the OWASP Testing Guide v3
Dave van Stein
dvstein at gmail.com
Tue May 27 12:18:09 EDT 2008
Or just do not talk at all about pro's and con's in the case of commercial
we can always use their non-GNU status as an excuse :)
2008/5/27 Daniel Cuthbert <daniel.cuthbert at owasp.org>:
> Agreed but these are shark infested waters :)
> I never had any issues referencing them in previous versions, as long as we
> offer the pro's and con's of both
> On 27 May 2008, at 6:03 PM, Dave van Stein wrote:
> Personally I think if we want to be absolutely unbiased we should mention
> commercial tools. Off course we do not have to go in to details what every
> tool is capable of, but if, for example, a chapter deals with automated
> vulnerability scanners, products of HP, IBM, Acunetix and others should at
> least be mentioned to exist.
> but, off course, that is just my opinion :)
> 2008/5/27 Matteo Meucci <matteo.meucci at gmail.com>:
>> Hi Kevin,
>> sure we would not like to promote any commercial tools.
>> Do you mean to create 2 separate tool indexes? One for commercial and
>> one for open source? We usually suggest only open source tools.
>> Look for example at the following:
>> On Tue, May 27, 2008 at 3:31 PM, kevin horvath <kevin.horvath at gmail.com>
>> > Matt,
>> > The format looks good to me. One suggestion is change the "Tools"
>> > subsection to "Type of Tools" so that we are not seen as promoting any
>> > certain tools such as commericial type tools or open source tools
>> > which may have been backdoored. For example we could say "Web proxy
>> > or browser plugin", unless OWASP has a tool for it in which it could
>> > go like this, "Web proxy such as Webscarab or a browser plug-in".
>> > Just want to make sure we are still seen as unbiased and not seen as
>> > promoting any commercial vendor.
>> > Kevin
>> > On Sun, May 25, 2008 at 6:46 PM, Matteo Meucci <matteo.meucci at gmail.com>
>> >> Hi all,
>> >> does it fit for you the following template for each paragraph?
>> >> https://www.owasp.org/index.php/Template_Paragraph_Testing_v3
>> >> That is the old Template for the OWASP Testing Guide v2, I think it
>> >> should work also for this new version.
>> >> Mat
>> >> _______________________________________________
>> >> Owasp-testing mailing list
>> >> Owasp-testing at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-testing
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> OWASP Testing Guide lead
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-testing