[GPC] OWASP Testing Guide: start a new project

• Previous message: [GPC] [Owasp-leaders] Donation of CSSReg/HTMLReg/JSReg
• Next message: [GPC] orphaned "OWASP Insecure Web App Project"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Board, Committee,

 

As you can see below, Matteo Meucci is willing to create the fourth version
of the Testing Guide and has kindly sent us his idea for approval/feedback.

 

As we haven't opened the new season of code still, I propose we make
available a budget to support expenses with language review, pagination
(graphical arrangement of pages) and marketing.

 

Please let us know your thoughts.

 

Thanks,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Matteo Meucci [mailto:matteo.meucci at owasp.org] 
Sent: segunda-feira, 24 de Maio de 2010 11:37
To: Paulo Coimbra
Subject: OWASP Testing Guide: start a new project

 

Hi Paulo,

here is my idea for the new Testing Guide.

 

(0) Project Name: OWASP Testing Guide (v4?)

 

(1) Project purpose / overview

- Review all the control numbers to adhere to the OWASP Common

numbering: http://www.owasp.org/index.php/Common_OWASP_Numbering

- Review all the sections in v3

- Create a more readable guide, eliminating some sections that are not
really usefull

- Insert new testing techniques: HTTP Verb tampering, HTTP Parameter
Pollutions, ecc

- Rationalize some sections as Session Management Testing

- Create a new section: Client side security and firefox extensions testing

 

(2) Project Roadmap (as mentioned above)

- Introduce the new project to the testing Guide mailing list

- Involve the contributors: we need to involve also the final users of the
Testing Guide (for example Banking to understand how they would like to
improve that).

- 1st June 2010: Start a brainstorming for the new index starting from (1)

- 1st July 2010: Create the new index and the new team

- 15th July 2010: Starting writing articles

- 15th September 2010: Starting the first review phase

- 15th October 2010: Starting writing articles II phase

- 15th November 2010: Starting the second review phase

- 15th December 2010: Create the RC1

- 15th January 2011: Release the version 4

 

(3) Project links (if any) to external sites,

- no

 

(4) Project License

(http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_Licens
ing),

Creative Commons Attribution Share Alike 3.0 as usal :)

 

(5) Project Leader name,

Matteo Meucci

 

(6) Project Leader email address

matteo.meucci at owasp.org

 

(7) Project Leader wiki account - the username (you'll need this to edit the
wiki) Mmeucci

 

(8) Project Maintainer (if any)  - name, email and wiki account (if any)
Matteo Meucci

 

(9) Project Contributor(s) (if any) - name email and wiki account (if any) A
short list of contributors that would like to improve the guide:

- Roberto Suggi Liverani

- Nick Freeman

- Stefano Di Paola

- Marco Morana

- Giorgio Fedon

- Kevin Horvath

 

Thanks,

Mat

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100617/7bffd427/attachment-0001.html 

• Previous message: [GPC] [Owasp-leaders] Donation of CSSReg/HTMLReg/JSReg
• Next message: [GPC] orphaned "OWASP Insecure Web App Project"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]