[Global_education_committee] [Owasp-leaders] TTBSP/Defcon
martin.knobloch at owasp.org
Mon Aug 3 03:29:29 EDT 2009
I definitely agree as well, this is line with the GEC mission!
Therefore I took this thread it of the project leaders communication and put
it in discussion with my GEC-pals ;-)
On Sun, Aug 2, 2009 at 11:23 PM, Mark Bristow <mark.bristow at owasp.org>wrote:
> I could not agree more as this really gets at the heart of the solution to
> many security issues. My little cousin is going to graduate from UMBC next
> winter with a minor in CS. I asked him if his professors/textbooks
> addressed security in any meaningful way and they had not. The most
> "security" they discussed was to do bounds checking on risky C calls but
> stressed the reliability issues here not the security ones. The most he got
> in his web class was to "watch out" for ' in SQL statements. Textbooks have
> perhaps a chapter about security but more importantly the examples
> throughout the book don't include any security elements.
> IIRC a few years ago Billy Hoffman (of SPI at the time) built a website
> using vulnerable book examples and did all the usual badness to it. Perhaps
> someting along these lines would help bring attention to the issue?
> I definately think that this is someting that OWASP should support and
> would go a long way to "solving" the problem long term.
> On Sun, Aug 2, 2009 at 3:07 PM, Tom Brennan <tomb at owasp.org> wrote:
>> APPSEC community leaders, this new effort for the next generation is
>> synergistic with our efforts and wanted to raise its awareness to you too
>> Textbooks that are WRONG here is how you might point that out. A list of
>> supported text books is one of the goals.
>> After talking with Jon Kibler and Mike Cooper (project leaders) this
>> effort is in step with our OWASP Global Education Committee mission.
>> Tom Brennan
>> Board Member - OWASP Foundation
>> Url: www.owasp.org | Tel: 973-202-0122
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
> Mark Bristow
> OWASP Global Conferences Committee member -
> AppSec DC 09 Organizer -
> OWASP DC Chapter Co-Chair - http://www.owasp.org/index.php/Washington_DC
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Global_education_committee