[GPC] FW: OWASP and eVc project

Justin Searle justin.searle at owasp.org
Mon Jun 11 01:11:11 UTC 2012


Kate, have you had any response on this from GPC?  I vote approve, but
I'm not sure of what we have to do in the system to get things
started.



On Fri, Jun 1, 2012 at 11:58 AM, Kate Hartmann <kate.hartmann at owasp.org> wrote:
> Committee, has this project been approved?  What can I do to facilitate this?
>
> Kate Hartmann
> Operations Director
> 301-275-9403
> www.owasp.org
> Skype:  Kate.hartmann1
>
>
> -----Original Message-----
> From: Eoin [mailto:eoin.keary at owasp.org]
> Sent: Thursday, May 24, 2012 4:43 PM
> To: Waqas Nazir
> Cc: <Kate.Hartmann at owasp.org>; Eoin Keary; <michael.coates at owasp.org>
> Subject: Re: OWASP and eVc project
>
> Kate,
> Can we get GPC to approve and get this up and running, wiki etc if approved?
>
>
> Eoin Keary
> BCC Risk Advisory
> Owasp Global Board
> +353 87 977 2988
>
>
> On 24 May 2012, at 20:15, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>
>> Thank you Eoin for the opportunity to speak with you today.
>>
>> Kate,
>>
>> Based on our conversation. We would like to sponsor an OWASP project. Can you kindly submit the following to the Global Projects Committee?
>>
>>
>> Eliminate Vulnerable Code (eVc) project is a community initiative with the goal of removing vulnerable code from the public domain. We see that many web forums, open source software, software development books, and educational institutions cite vulnerable code samples. This practice fuels the use of vulnerable code in software across all verticals of the technology world. In light of this we at DigitSec want to host this project as sponsored by DigitSec at OWASP. The eVc project will strive to remove vulnerable code examples and samples from the public sphere.
>>
>> More details about the project can be found here:
>> http://www.digitsec.com/evc.htm
>>
>> eVc Members can join and start contributing here:
>> https://evc.digitsec.com/default.aspx
>>
>> DarkReading article on this project:
>> http://www.darkreading.com/database-security/167901020/security/applic
>> ation-security/240000936/project-finds-purges-vulnerable-code-snippets
>> -from-the-net.html
>>
>> Thanks!
>> Waqas Nazir
>> CEO
>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>> Phone: 206.659.9521
>>
>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm
>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>
>>
>> -----Original Message-----
>> From: Eoin [mailto:eoin.keary at owasp.org]
>> Sent: Wednesday, May 23, 2012 2:31 PM
>> To: Waqas Nazir
>> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
>> Subject: Re: OWASP and eVc project
>>
>> Let's talk tomorrow.
>> Skype me eoinkeary when you get up.
>>
>>
>> Eoin Keary
>> BCC Risk Advisory
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 23 May 2012, at 19:29, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>>
>>> Hi Eoin/Michael,
>>>
>>>
>>>
>>> DarkReading wants to do a piece on this project today. Is it okay to
>>> mention in the piece that eVc and OWASP are in discussions for collaboration?
>>>
>>>
>>> Let me know your thoughts. I understand that we haven’t spoken in
>>> detail about this. Also, let me know what will work for your schedule.
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Waqas Nazir
>>>
>>> CEO
>>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>>>
>>> Phone: 206.659.9521
>>>
>>>
>>>
>>> Eliminate Vulnerable Code! Are you in?  <https://www.digitsec.com/evc.htm>
>>> https://www.digitsec.com/evc.htm
>>>
>>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>>
>>>
>>>
>>>
>>>
>>> From: Waqas Nazir [mailto:waqas.nazir at digitsec.com]
>>> Sent: Monday, May 21, 2012 10:41 AM
>>> To: 'Waqas Nazir'; 'Eoin'
>>> Cc: 'Eoin Keary'; michael.coates at owasp.org; Kate.Hartmann at owasp.org
>>> Subject: RE: OWASP and eVc project
>>>
>>>
>>>
>>> Hi Eoin,
>>>
>>>
>>>
>>> Monday didn’t work out. Let me know what will work for your schedule
>>> for a quick chat over the phone this week?
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Waqas Nazir
>>>
>>> CEO
>>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>>>
>>> Phone: 206.659.9521
>>>
>>>
>>>
>>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm
>>>
>>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>>
>>>
>>>
>>>
>>>
>>> From: Waqas Nazir [mailto:waqas.nazir at digitsec.com]
>>> Sent: Saturday, May 19, 2012 1:45 PM
>>> To: 'Eoin'
>>> Cc: 'Eoin Keary'; '<michael.coates at owasp.org>'; '<Kate.Hartmann at owasp.org>'
>>> Subject: RE: OWASP and eVc project
>>>
>>>
>>>
>>> Sure . I am open on Monday 10:00 AM Pacific (6:00 PM Ireland GMT)?
>>>
>>> .Waqas
>>>
>>>
>>>
>>> From: Eoin [mailto:eoin.keary at owasp.org]
>>> Sent: Saturday, May 19, 2012 1:28 PM
>>> To: Waqas Nazir
>>> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
>>> Subject: Re: OWASP and eVc project
>>>
>>>
>>>
>>> Ireland do evening my time?
>>>
>>>
>>>
>>> Eoin Keary
>>>
>>> BCC Risk Advisory
>>>
>>> Owasp Global Board
>>>
>>> +353 87 977 2988
>>>
>>>
>>>
>>>
>>> On 19 May 2012, at 21:10, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>>>
>>> Sure – What time zone are you in? I am in Pacific.
>>>
>>>
>>> Regards,
>>>
>>> Waqas Nazir
>>>
>>> CEO
>>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>>>
>>> Phone: 206.659.9521
>>>
>>>
>>>
>>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm
>>>
>>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>>
>>>
>>>
>>>
>>>
>>> From: Eoin [mailto:eoin.keary at owasp.org]
>>> Sent: Saturday, May 19, 2012 12:20 PM
>>> To: Waqas Nazir
>>> Cc: Eoin Keary; <michael.coates at owasp.org>; <Kate.Hartmann at owasp.org>
>>> Subject: Re: OWASP and eVc project
>>>
>>>
>>>
>>> Ok cool.
>>>
>>> Why dont you make it an owasp project sponsored by your company.
>>>
>>> Fancy a call at some point next week??
>>>
>>> Eoin Keary
>>>
>>> BCC Risk Advisory
>>>
>>> Owasp Global Board
>>>
>>> +353 87 977 2988
>>>
>>>
>>>
>>>
>>> On 19 May 2012, at 19:49, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>>>
>>> Hi Eoin,
>>>
>>>
>>>
>>> Thank you for your response. We don’t want an endorsement. We are
>>> looking for contributors to help with this project. My thoughts were
>>> to create a listing of this project for OWASP members to contribute?.
>>> May be a link or a post on OWASP? This is not a commercial product or
>>> service, it is a community based project with the goal of removing
>>> vulnerable code from the public sphere. Let me know if that makes
>>> sense or a possible option? We can talk over the phone as well if that will help?
>>>
>>>
>>> Thank you once again.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Waqas Nazir
>>>
>>> CEO
>>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>>>
>>> Phone: 206.659.9521
>>>
>>>
>>>
>>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm
>>>
>>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>>
>>>
>>>
>>>
>>>
>>> From: Eoin Keary [mailto:eoinkeary at gmail.com]
>>> Sent: Saturday, May 19, 2012 7:31 AM
>>> To: Waqas Nazir
>>> Cc: <michael.coates at owasp.org>; <eoin.keary at owasp.org>;
>>> <Kate.Hartmann at owasp.org>
>>> Subject: Re: OWASP and eVc project
>>>
>>>
>>>
>>> Hi,
>>>
>>> You can certainly use owasp materials, they are open source buy we do
>>> not endorse commercial entities.
>>>
>>> Make sense?
>>>
>>> Eoin.
>>>
>>>
>>>
>>> Eoin Keary
>>>
>>> BCC Risk Advisory
>>>
>>> Owasp Global Board
>>>
>>> +353 87 977 2988
>>>
>>>
>>>
>>>
>>> On 18 May 2012, at 21:00, "Waqas Nazir" <waqas.nazir at digitsec.com> wrote:
>>>
>>> Hi Michael,
>>>
>>>
>>>
>>> I am part of a security start-up and we’ve recently started a
>>> community project called “Eliminate Vulnerable Code Project”. The
>>> goal of the project is to eliminate and/or annotate vulnerable code
>>> in the public sphere. It is a community based initiative so we are looking for sponsors for the project.
>>> We hope to use OWASP as a reference using the “How to:” section.
>>>
>>>
>>>
>>> The press release for the project is here:
>>> http://www.digitsec.com/resources/documents/Eliminate_Vulnerable_Code
>>> _Press_
>>> Release.pdf.
>>>
>>>
>>>
>>> Let me know if OWASP would like to become one of the sponsors for
>>> this project. I look forward to your response.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Waqas Nazir
>>>
>>> CEO
>>> 214 1st Avenue South Suite B3, Seattle, WA 98104
>>>
>>> Phone: 206.659.9521
>>>
>>>
>>>
>>> Eliminate Vulnerable Code! Are you in? https://www.digitsec.com/evc.htm
>>>
>>> PGP finger print 8D7E BC58 342E F1EF 312F  5786 5F02 FF95 E076 5C0B
>>>
>>>
>>>
>>>
>>>
>>> <winmail.dat>
>>
>
> _______________________________________________
> Global-projects-committee mailing list
> Global-projects-committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global-projects-committee



-- 
Justin Searle
Managing Partner - UtiliSec
801-784-2052


More information about the Global-projects-committee mailing list