[OWASP-Bangalore] OWASP-Bangalore Digest Unable to present this month

praveen_recker . praveen_recker at sify.com
Wed Jun 3 10:52:57 EDT 2009


Hi,

I will not be in a situation to present this month, most probably next month
also.
Sorry guys.

Best Regards,
Praveen Darshanam

On Tue, Jun 2, 2009 at 9:30 PM, <owasp-bangalore-request at lists.owasp.org>wrote:

> Send OWASP-Bangalore mailing list submissions to
>        owasp-bangalore at lists.owasp.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>        https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> or, via email, send a message with subject or body 'help' to
>        owasp-bangalore-request at lists.owasp.org
>
> You can reach the person managing the list at
>        owasp-bangalore-owner at lists.owasp.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OWASP-Bangalore digest..."
>
>
> Today's Topics:
>
>   1. Re: Why OWASP (Akash)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 1 Jun 2009 17:17:30 +0530
> From: Akash <akashmahajan at gmail.com>
> Subject: Re: [OWASP-Bangalore] Why OWASP
> To: owasp-bangalore at lists.owasp.org
> Message-ID:
>        <868b524f0906010447y33a876dje6493062d308ac0 at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Yes I will. Please give me one more day to do that.
>
>
> 2009/6/1 Harinath Pudipeddi <hpudipeddi at gmail.com>:
> > Akash,
> >
> > Will you update and send it to the group?
> >
> > On Wed, May 27, 2009 at 12:37, SISA Dharshan Shanthamurthy <
> dbs at sisa.co.in>
> > wrote:
> >>
> >> Good effort but to get it accurate, PCI DSS Version 1.2 is already out
> >> (Oct1, 2008). The requirement is 6.5 is the one which talks on OWASP
> >> specifically while 6.6 talks of manual application VA or WAF.
> >>
> >>
> >>
> >> Cheers,
> >> Dharshan
> >>
> >>
> >>
> >> From: owasp-bangalore-bounces at lists.owasp.org
> >> [mailto:owasp-bangalore-bounces at lists.owasp.org] On Behalf Of Dinesh
> >> O'Bareja
> >> Sent: 27 May 2009 11:08
> >> To: owasp-bangalore at lists.owasp.org
> >> Subject: Re: [OWASP-Bangalore] Why OWASP
> >>
> >>
> >>
> >> Akash - my 2 c, in addition to your document.
> >>
> >>
> >>
> >> From what I know an App cannot be certified to ISO 27001 because there
> is
> >> no provision in the standard to certify an application for security.
> >>
> >>
> >>
> >> The standard sets up the ISMS in the organization and will ask that
> >> applications be secured and tested for security vulnerabilities. However
> it
> >> does not go into the nitty gritty of application testing and this is
> left
> >> for the organization to decide upon. If you see this is the case with
> Risk
> >> Management, Asset Management etc in ISO 27k1 too.
> >>
> >>
> >>
> >> So for your client to be asking why OWASP when ISO is there the answer
> is
> >> that ISO is a standard for ISMS but OWASP is the framework to build /
> test
> >> security in the application.
> >>
> >>
> >>
> >> And thanks for the PDF - it gives some good industry references to the
> use
> >> of the OWASP guidelines.
> >>
> >>
> >>
> >> tc
> >>
> >> Dinesh
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> On Tue, May 26, 2009 at 10:31 PM, Akash <akashmahajan at gmail.com> wrote:
> >>
> >> Hey recently a client wanted to know why would anyone refer to OWASP
> >> for guidelines to securing their web apps. The question was in the
> >> context of if the app is already ISO 27002 certified etc.
> >>
> >> I created a simple one page PDF and shared with them. Might be useful
> >> in your organisations as well.
> >>
> >> Feedback more than welcome.
> >>
> >> The information has been taken from various sources online and the
> >> copyright only applies to presenting them in this manner. Feel free to
> >> use them anywhere and if you do quote me great but its ok otherwise as
> >> well. It was more for the client than anything else.
> >>
> >> --
> >> warm regards,
> >> Akash Mahajan
> >> ----------------------------------------------------------
> >> Security Consultant, (Web / Networks /
> >> Servers / IT/ Virtualization)
> >> Founder Headstart Network Foundation
> >> ----------------------------------------------------------
> >> http://www.linkedin.com/in/akashm
> >> http://network.headstart.in
> >> ----------------------------------------------------------
> >>
> >> _______________________________________________
> >> OWASP-Bangalore mailing list
> >> OWASP-Bangalore at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> >>
> >>
> >>
> >> _______________________________________________
> >> OWASP-Bangalore mailing list
> >> OWASP-Bangalore at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> >>
> >
> >
> >
> > --
> > Harinath Pudipeddi
> > +91.98860 01976 Mobile
> > http://www.linkedin.com/in/harinath
> >
> > http://www.Penseur.in - Home Page
> > http://www.Dazasya.org.in - Dazasya
> >
> > http://www.HeadStart.In - Showcasing India Innovation
> > http://www.owasp.org/index.php/Bangalore - OWASP Bangalore Chapter
> > http://www.TestersNetwork.WordPress.com - Software Testing Research Lab
> >
> >
> > _______________________________________________
> > OWASP-Bangalore mailing list
> > OWASP-Bangalore at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> >
> >
>
>
>
> --
> warm regards,
> Akash Mahajan
> ----------------------------------------------------------
> Security Consultant, (Web / Networks /
> Servers / IT/ Virtualization)
> Founder Headstart Network Foundation
> ----------------------------------------------------------
> http://www.linkedin.com/in/akashm
> http://network.headstart.in
> ----------------------------------------------------------
>
>
> ------------------------------
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>
> End of OWASP-Bangalore Digest, Vol 19, Issue 1
> **********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090603/ac8361c1/attachment.html 


More information about the OWASP-Bangalore mailing list