[OWASP-advisors] (no subject)

Michael Gavin michael_gavin at verizon.net
Thu Dec 30 10:35:22 EST 2004

Received: 	from outgoing.verizon.net ([]) by out003.verizon.net (InterMail vM. 201-253-122-130-106-20030910) with ESMTP id <20041230152849.VFAH1106.out003.verizon.net at outgoing.verizon.net>; Thu, 30 Dec 2004 09:28:49 -0600
X-Mailer: 	Openwave WebEngine, version 2.8.12 (webedge20-101-197-20030912)
From: 	Michael Gavin <michael_gavin at verizon.net>  
To: 	<Denis.Verdon at fnf.com>, <stanguzik at yahoo.com>, <dinis at ddplus.net>, <owasp-leaders at lists.sourceforge.net>
CC: 	<mark at curphey.com> ,<owasp-dotnet at lists.sourceforge.net> ,<owasp-guide at lists.sourceforge.net> ,<owasp-testing at lists.sourceforge.net> ,<owasp-chapters at lists.sourceforge.net> ,<owasp-advisors at lists.sourcforge.net> ,  
Subject: 	Re: [OWASP-GUIDE] RE: [OWASP-TESTING] RE: An Open Letter to Owasp
Date: 	Thu, 30 Dec 2004 10:28:49 -0500
MIME-Version: 	1.0
Content-Type: 	text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 	7bit
X-Authentication-Info: 	Submitted using SMTP AUTH at out003.verizon.net from [] at Thu, 30 Dec 2004 09:28:49 -0600
Message-Id: 	<20041230152849.VFAH1106.out003.verizon.net at outgoing.verizon.net>

I'm sure that there are many others as well, but another effort that has at
least some overlap with OWASP is ISECOM (formerly ideahamster.org?). Is there
someone within OWASP looking at other organizations and efforts that overlap
with OWASP goals, and determining what if anything the organizations should do

While ISECOM is international, it seems to have originated, and is still head-
quartered, in Spain. Here is the contact information for the founder and leader

Pete Herzog - Managing Director - pete at isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.isestorm.org
ISECOM is the OSSTMM Professional Security Tester (OPST),
OSSTMM Professional Security Analyst (OPSA), and Hacker Highschool
Teacher certification authority.

> "Verdon, Denis" <Denis.Verdon at fnf.com> wrote:
> Stanley, et al,
> I took the liberty of holding a fact-finding discussion with three members
> of The Center for Internet Security (CIS): Clint Kreitner (President/CEO),
> Bert Miuccio, (Vice President) and John Banghart (Director of Benchmark
> Services). I've reproduced my notes on that meeting below.


> I strongly recommend inviting them to our next meeting and will facilitate
> this, unless I hear string objections.
> Please let me know your thoughts.
> Denis Verdon, Senior Vice President & Head of CISG
> FNF - Corporate Information Security Group
> 2510 N. Red Hill Avenue, Santa Ana CA 92705
> Tel: (949) 221 3252
> Cell: (949) 923 0390
> Email: <mailto:denis.verdon at fnf.com> denis.verdon at fnf.com
> Web: http://www.fnf.com <http://www.fnf.com>
> Intranet: <https://cis.fnf.com> https://cis.fnf.com
> OWASP seems to share almost identical goals with CIS, in terms of the desire
> to develop consensus standards for the benefit of the community at large.
> Many of the challenges CIS faced early on in their development appear to be
> very close to the challenges OWASP now faces. It is reassuring to learn
> that someone else has blazed a similar trail in the past and made it work.




More information about the Owasp-advisors mailing list