[Global_education_committee] [GPC] Samenwerking Javaranch.com

Paulo Coimbra paulo.coimbra at owasp.org
Fri Nov 26 17:26:28 EST 2010

That's perfect, Jim. Thank you for stepping in! 


Have a nice weekend,

- Paulo



Paulo Coimbra,

 <http://www.owasp.org/index.php/User:Paulo_Coimbra> OWASP Project Manager


From: Jim Manico [mailto:jim.manico at owasp.org] 
Sent: sexta-feira, 26 de Novembro de 2010 22:27
To: Paulo Coimbra
Cc: 'Jeff Williams'; 'Martin Knobloch'; 'eoin keary';
matt.tesauro at owasp.org; 'Dave Wichers'; 'Global Projects Committee';
global_education_committee at lists.owasp.org
Subject: Re: [GPC] Samenwerking Javaranch.com



There are a group of folks (off this list) who are interested in helping
update the AJAX project. I'll get them together and email you on a separate

- Jim

Martin et al, 


It indeed seems OWASP Java research needs some initiative. I looked a bit
backwards and found some internal info regarding various attempts to push
this field forward as forthcoming. 


1. OWASP AJAX Security Project -

1.1. Has been identified as orphaned in sequence of the GPC inquiry we did
in the beginning of 2009. The former leader was Rohini Sulatycki
(rohini_sulatycki at yahoo.com). 

1.2. Anurag Agarwal (anurag.agarwal at yahoo.com / Development Guide's current
leader) has offered to lead this effort and it has been accepted by the GPC.
Anurag has failed in presenting a roadmap and has never made any update on
the project's wiki. 


2. AJAX Security Guide -

Abraham Kang (abraham_kang at yahoo.com) met Jim Manico at an OWASP meet up and
offered to lead this Project. Never presented a roadmap or updated the
project's wiki. Contacted me to inform that "(...) Jim Manico and I decided
that we probably need to first update the existing information before
considering a separate project (...)". Jim answered as follows "(...) I back
this plan 100%. After we are done with the "first pass" I'd be glad to
projectize Abes work - and take some of the administrata off of his hands

3. John J. Thomas (John.J.Thomas at ngc.com) contacted us in June of 2010
saying "(...) I work in Northrop Grumman's Health IT unit in Rockville Md.
and I also participate in a cross-sector Northrop Grumman Java Community of
Interest. I am interested to see how our group can get engaged in your Java
project (...). Dave Wichers answered back pointing out the ESAPI as being
the "(...) One of the major Java related projects at OWASP (...)" and
proposed a personal meeting to talk about the issue. I lost subsequently the
track of the meeting's findings. 


4. We currently have two mailing lists Java associated, as follows. 

4.1 The first one https://lists.owasp.org/mailman/listinfo/owasp-ajax has
been created in September of 2006 and the first post was sent by Andrew van
Stock. Now it is still being administrated by the former project leader,
Rohini Sulatycki, and is on OWASP AJAX Security Project's wiki. 

4.2. The second one https://lists.owasp.org/mailman/listinfo/java-project
has been created in June of 2006 and the first post was sent by Stephen de
Vries. It still is administrated by Stephen de Vries
(stephen at twisteddelight.org) and Rohyt Belani (rohytbelani at gmail.com). This
mailing list seemed independent to me and not linked with any particular




- Paulo 


Paulo Coimbra, 

 <http://www.owasp.org/index.php/User:Paulo_Coimbra> OWASP Project Manager 


From: Jeff Williams [mailto:jeff.williams at owasp.org] 
Sent: sexta-feira, 26 de Novembro de 2010 15:42
To: Martin Knobloch
Cc: Dave Wichers; dinis cruz; Tom Brennan; eoin keary; Kate Hartmann; Paulo
Coimbra; Sandra Paiva; \
<mailto:global_education_committee at lists.owasp.org\>
"global_education_committee at lists.owasp.org\"
<mailto:global_education_committee at lists.owasp.org>
<global_education_committee at lists.owasp.org>"
<mailto:matt.tesauro at owasp.org> <matt.tesauro at owasp.org>;
matt.tesauro at owasp.org
Subject: Re: Samenwerking Javaranch.com 


This is fantastic!  Let us know the best ways to help you make this a




On Nov 26, 2010, at 4:54 AM, Martin Knobloch <martin.knobloch at owasp.org>



Some time ago, I did a security awareness workshop for students about
application security. One of the attends is involved (low in the hierarchy)
in JavaRance.com (http://www.javaranch.com/). 


He was very interested (apparently I did a good job) about the subject and
forwarded to the JavaRanch top the suggestion to work together. Today, I got
his reply that the JavaRanch top is interested in OWASP and what OWASP does.
I tried to translate his email (below): 



Sorry for the late response. I wast very busy and a also have been sick. Our
idea for a cooperation between OWASP and JavaRanch is received very good at
the high bosses. I propose the following, but am open for alternatives: 


We fix a date on which you come along to answer questions from our
community. To generate attention we send out an email (+100.000 people) and
announce this on facebook and twitter. Further, we will announce this on our

We even have found an editor who is prepared to make a couple books + PDF' s
available for free that will be raffled for those asking questions. He too
will will twitter about this and announce it on their website! 


This will increase the visibility of OWASP and give OWASP a good publicity,
whereby it offers a great chance for our community to ask questions about
security and OWASP. 


I am curious what you think of this. 



In my opinion, this is indeed a great chance of OWASP to reach out to the
Java Community! 

Let me know what I have to consider. Also, it would be nice to have some
assistence, even I have not all the knowledge ;-) 


On the mailing list overview, I found a Java mailing group,
java-project at lists.owasp.org., but could not locate a project lead for the
Java projects (http://www.owasp.org/index.php/Category:OWASP_Java_Project/).






---------- Forwarded message ----------
From: Martin Knobloch <martin.knobloch at owasp.org>
Date: 2010/11/26
Subject: Re: Samenwerking Javaranch.com
To: wouter oet <wouter.oet at gmail.com>

Hoi Wouter, 


Geen probleem, ben zelf bijzonders druk de afgelopen tijd! 


Lijkt mij uitstekend! Ik ga dit even aan de OWASP Foundation Board melden! 

Zodra ik een reactie heb meld ik mij weer bij je! OWASP kennende zal het
geen probleem zijn! 





2010/11/25 wouter oet <wouter.oet at gmail.com> 


Hey Martin,


Sorry voor het late mailtje. Ik had het erg druk en ben een tijdje ziek
geweest. Ons idee voor een samenwerking tussen owasp en javaranch is goed
bevallen bij de hoge bazen. Ik stel het volgende voor maar sta natuurlijk
open voor alternatieven en aanpassingen: 


We prikken een datum waarop jij langs komt om vragen te beantwoorden van
onze community. Om hiervoor aandacht te genereren sturen wij een mail rond
(+100.000 mensen) en posten wij dit op facebook en twitter. Daarnaast staat
er gedurende de periode een melding op onze website. We hebben zelfs een
uitgever gevonden die bereid is om een paar boeken + PDF's kostenloos
beschikbaar te stellen om te verloten onder de gene die vragen stellen. Hij
zal er ook over twitteren en een link zetten op hun website. 


Ik denk dat owasp hierdoor flink in de publiciteit komt te staan en dat het
een erg mooie kans is voor onze community om vragen e stellen over security
en owasp.  


Ik ben benieuwd wat jij hier van denkt. 





Wouter Oet | wouter.oet at gmail.com | Studentnummer: 1514846 | Tel:




Global-projects-committee mailing list
Global-projects-committee at lists.owasp.org


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20101126/055dbb82/attachment-0001.html 

More information about the Global_education_committee mailing list