[GPC] FW: OWASP and eVc project

Kate Hartmann kate.hartmann at owasp.org
Fri Jun 1 17:58:41 UTC 2012


Committee, has this project been approved?  What can I do to facilitate this?

Kate Hartmann
Operations Director
301-275-9403
www.owasp.org 
Skype:  Kate.hartmann1


-----Original Message-----
From: Eoin [mailto:eoin.keary at owasp.org] 
Sent: Thursday, May 24, 2012 4:43 PM
To: Waqas Nazir
Cc: <Kate.Hartmann at owasp.org>; Eoin Keary; <michael.coates at owasp.org>
Subject: Re: OWASP and eVc project

Kate,
Can we get GPC to approve and get this up and running, wiki etc if approved?


Eoin Keary
BCC Risk Advisory
Owasp Global Board
+353 87 977 2988


On 24 May 2012, at 20:15, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:

> Thank you Eoin for the opportunity to speak with you today.
> 
> Kate,
> 
> Based on our conversation. We would like to sponsor an OWASP project. Can you kindly submit the following to the Global Projects Committee?
> 
> 
> Eliminate Vulnerable Code (eVc) project is a community initiative with the goal of removing vulnerable code from the public domain. We see that many web forums, open source software, software development books, and educational institutions cite vulnerable code samples. This practice fuels the use of vulnerable code in software across all verticals of the technology world. In light of this we at DigitSec want to host this project as sponsored by DigitSec at OWASP. The eVc project will strive to remove vulnerable code examples and samples from the public sphere.
> 
> More details about the project can be found here: 
> http://www.digitsec.com/evc.htm
> 
> eVc Members can join and start contributing here: 
> https://evc.digitsec.com/default.aspx
> 
> DarkReading article on this project: 
> http://www.darkreading.com/database-security/167901020/security/applic
> ation-security/240000936/project-finds-purges-vulnerable-code-snippets
> -from-the-net.html
> 
> Thanks!
> Waqas Nazir
> CEO
> 214 1st Avenue South Suite B3, Seattle, WA 98104
> Phone: 206.659.9521
> 
> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm   
> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
> 
> 
> -----Original Message-----
> From: Eoin [mailto:eoin.keary at owasp.org]
> Sent: Wednesday, May 23, 2012 2:31 PM
> To: Waqas Nazir
> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
> Subject: Re: OWASP and eVc project
> 
> Let's talk tomorrow.
> Skype me eoinkeary when you get up.
> 
> 
> Eoin Keary
> BCC Risk Advisory
> Owasp Global Board
> +353 87 977 2988
> 
> 
> On 23 May 2012, at 19:29, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
> 
>> Hi Eoin/Michael,
>> 
>> 
>> 
>> DarkReading wants to do a piece on this project today. Is it okay to 
>> mention in the piece that eVc and OWASP are in discussions for collaboration?
>> 
>> 
>> Let me know your thoughts. I understand that we haven’t spoken in 
>> detail about this. Also, let me know what will work for your schedule.
>> 
>> 
>> Regards,
>> 
>> 
>> 
>> Waqas Nazir
>> 
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> 
>> Phone: 206.659.9521
>> 
>> 
>> 
>> Eliminate Vulnerable Code! Are you in?  <https://www.digitsec.com/evc.htm>
>> https://www.digitsec.com/evc.htm   
>> 
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>> 
>> 
>> 
>> 
>> 
>> From: Waqas Nazir [mailto:waqas.nazir at digitsec.com]
>> Sent: Monday, May 21, 2012 10:41 AM
>> To: 'Waqas Nazir'; 'Eoin'
>> Cc: 'Eoin Keary'; michael.coates at owasp.org; Kate.Hartmann at owasp.org
>> Subject: RE: OWASP and eVc project
>> 
>> 
>> 
>> Hi Eoin,
>> 
>> 
>> 
>> Monday didn’t work out. Let me know what will work for your schedule 
>> for a quick chat over the phone this week?
>> 
>> 
>> 
>> Regards,
>> 
>> 
>> 
>> Waqas Nazir
>> 
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> 
>> Phone: 206.659.9521
>> 
>> 
>> 
>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm   
>> 
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>> 
>> 
>> 
>> 
>> 
>> From: Waqas Nazir [mailto:waqas.nazir at digitsec.com]
>> Sent: Saturday, May 19, 2012 1:45 PM
>> To: 'Eoin'
>> Cc: 'Eoin Keary'; '<michael.coates at owasp.org>'; '<Kate.Hartmann at owasp.org>'
>> Subject: RE: OWASP and eVc project
>> 
>> 
>> 
>> Sure . I am open on Monday 10:00 AM Pacific (6:00 PM Ireland GMT)?
>> 
>> .Waqas
>> 
>> 
>> 
>> From: Eoin [mailto:eoin.keary at owasp.org]
>> Sent: Saturday, May 19, 2012 1:28 PM
>> To: Waqas Nazir
>> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
>> Subject: Re: OWASP and eVc project
>> 
>> 
>> 
>> Ireland do evening my time?
>> 
>> 
>> 
>> Eoin Keary
>> 
>> BCC Risk Advisory
>> 
>> Owasp Global Board
>> 
>> +353 87 977 2988
>> 
>> 
>> 
>> 
>> On 19 May 2012, at 21:10, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>> 
>> Sure – What time zone are you in? I am in Pacific.
>> 
>> 
>> Regards,
>> 
>> Waqas Nazir
>> 
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> 
>> Phone: 206.659.9521
>> 
>> 
>> 
>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm   
>> 
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>> 
>> 
>> 
>> 
>> 
>> From: Eoin [mailto:eoin.keary at owasp.org]
>> Sent: Saturday, May 19, 2012 12:20 PM
>> To: Waqas Nazir
>> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
>> Subject: Re: OWASP and eVc project
>> 
>> 
>> 
>> Ok cool.
>> 
>> Why dont you make it an owasp project sponsored by your company.
>> 
>> Fancy a call at some point next week??
>> 
>> Eoin Keary
>> 
>> BCC Risk Advisory
>> 
>> Owasp Global Board
>> 
>> +353 87 977 2988
>> 
>> 
>> 
>> 
>> On 19 May 2012, at 19:49, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>> 
>> Hi Eoin,
>> 
>> 
>> 
>> Thank you for your response. We don’t want an endorsement. We are 
>> looking for contributors to help with this project. My thoughts were 
>> to create a listing of this project for OWASP members to contribute?. 
>> May be a link or a post on OWASP? This is not a commercial product or 
>> service, it is a community based project with the goal of removing 
>> vulnerable code from the public sphere. Let me know if that makes 
>> sense or a possible option? We can talk over the phone as well if that will help?
>> 
>> 
>> Thank you once again. 
>> 
>> 
>> 
>> Regards,
>> 
>> Waqas Nazir
>> 
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> 
>> Phone: 206.659.9521
>> 
>> 
>> 
>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm   
>> 
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>> 
>> 
>> 
>> 
>> 
>> From: Eoin Keary [mailto:eoinkeary at gmail.com]
>> Sent: Saturday, May 19, 2012 7:31 AM
>> To: Waqas Nazir
>> Cc: <michael.coates at owasp.org>; <eoin.keary at owasp.org>; 
>> <Kate.Hartmann at owasp.org>
>> Subject: Re: OWASP and eVc project
>> 
>> 
>> 
>> Hi,
>> 
>> You can certainly use owasp materials, they are open source buy we do 
>> not endorse commercial entities.
>> 
>> Make sense?
>> 
>> Eoin.
>> 
>> 
>> 
>> Eoin Keary
>> 
>> BCC Risk Advisory
>> 
>> Owasp Global Board
>> 
>> +353 87 977 2988
>> 
>> 
>> 
>> 
>> On 18 May 2012, at 21:00, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>> 
>> Hi Michael,
>> 
>> 
>> 
>> I am part of a security start-up and we’ve recently started a 
>> community project called “Eliminate Vulnerable Code Project”. The 
>> goal of the project is to eliminate and/or annotate vulnerable code 
>> in the public sphere. It is a community based initiative so we are looking for sponsors for the project.
>> We hope to use OWASP as a reference using the “How to:” section. 
>> 
>> 
>> 
>> The press release for the project is here:
>> http://www.digitsec.com/resources/documents/Eliminate_Vulnerable_Code
>> _Press_
>> Release.pdf. 
>> 
>> 
>> 
>> Let me know if OWASP would like to become one of the sponsors for 
>> this project. I look forward to your response.
>> 
>> 
>> 
>> Regards,
>> 
>> Waqas Nazir
>> 
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> 
>> Phone: 206.659.9521
>> 
>> 
>> 
>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm   
>> 
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>> 
>> 
>> 
>> 
>> 
>> <winmail.dat>
> 



More information about the Global-projects-committee mailing list