[Esapi-user] [Esapi-dev] OWASP Top 10 for 2010 and ESAPI mapping..

Chris Schmidt chrisisbeef at gmail.com
Fri Apr 22 14:41:11 EDT 2011


Thanks! I just got caught up on this thread so I appreciate you hopping in and sharing this

Sent from my iPwn

On Apr 22, 2011, at 10:38 AM, Chris <chris.dickinson at web.de> wrote:

> Nishi,
> 
> I believe what you are looking for is on slide #8 of https://www.owasp.org/images/c/c7/ESAPI-2010-AppSecDC.pptx (c.f. attachment). It looks like Chris Schmidt presented this at the AppSec DC 2010 (http://www.youtube.com/watch?v=suphwAsb-To).
> 
> Cheers,
> 
> on 04/22/2011 09:39 AM Christian Heinrich wrote :
>> 
>> Nishi,
>> 
>> The correlation between the OWASP Top Ten 2004, 2007 and 2010 releases
>> is available from
>> https://lists.owasp.org/pipermail/owasp-topten/2010-July/000686.html
>> 
>> This might be helpful to expand the scope the graphic by Jeff for
>> ESAPI to the Top Ten 2007 release for the 2004 and 2010 Top Ten
>> releases.
>> 
>> On Fri, Apr 22, 2011 at 1:53 PM, Kevin W. Wall <kevin.w.wall at gmail.com> wrote:
>>> Nishi,
>>> 
>>> If you can did up the one that Jeff did for 2007 and provide it as a
>>> starting point
>>> and email it to, I'll take a crack at it for ESAPI 2.0.
>>> 
>>> -kevin
>>> 
>>> On Thu, Apr 21, 2011 at 11:51 PM, Nishi Kumar <nishi787 at hotmail.com> wrote:
>>>> I can create the graphic if somebody from ESAPI group can give me the
>>>> mapping between OWASP Top 10 for 2010 and ESAPI 2.0. Also the one Jeff did
>>>> was for 2007
>>>> 
>>>> Thanks
>>>> Nishi Kumar
>>>> OWASP Industry Committee
>>>> 
>>>>> Date: Thu, 21 Apr 2011 23:40:56 -0400
>>>>> Subject: Re: [Esapi-dev] OWASP Top 10 for 2010 and ESAPI mapping..
>>>>> From: kevin.w.wall at gmail.com
>>>>> To: nishi787 at hotmail.com
>>>>> CC: jim.manico at owasp.org; esapi-dev at lists.owasp.org;
>>>>> esapi-user at lists.owasp.org
>>>>> 
>>>>> I think I saw something like this that Jeff Williams did for ESAPI 1.4
>>>>> but I'm not
>>>>> aware of anyone who has done it for ESAPI 2.0.
>>>>> 
>>>>> -kevin
>>>>> 
>>>>> On Thu, Apr 21, 2011 at 10:14 PM, Nishi Kumar <nishi787 at hotmail.com>
>>>>> wrote:
>>>>>> Hi All,
>>>>>> 
>>>>>> Do we have a mapping for OWASP Top 10 for 2010 and ESAPI api's. Can
>>>>>> somebody
>>>>>> please point me where I can find this? I am trying to put together a
>>>>>> presentation for Industry outreach from Industry committee and would
>>>>>> like to
>>>>>> have updated version of the mapping which corresponds to OWASP Top 10
>>>>>> for
>>>>>> 2010
>>>>>> 
>>>>>> Thanks
>>>>>> Nishi Kumar
>>>>>> OWASP CBT Project Lead
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Esapi-dev mailing list
>>>>>> Esapi-dev at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/esapi-dev
>>>>>> 
>>>>>> 
>>>>> 
>>>> 
>>> _______________________________________________
>>> Esapi-user mailing list
>>> Esapi-user at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/esapi-user
>>> 
>> 
>> 
> 
> <esapi_top_ten.png>
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110422/63ce9e9b/attachment.html 


More information about the Esapi-user mailing list