[Owasp-board] OWASP Application Security Search Engine

Jeff Williams jeff.williams at owasp.org
Mon Nov 6 07:19:51 UTC 2006


Okay. I'm not sure if there's an easy way to expose what sites are being
indexed, but I'll check into it.

 

--Jeff

 

  _____  

From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
Sent: Monday, November 06, 2006 2:16 AM
To: owasp-board at lists.owasp.org
Subject: Re: [Owasp-board] OWASP Application Security Search Engine

 

I also agree, 

This is a great idea and tool (all you need to do now is to put it in a
firefox search plug in :)

What I would do is to rename this as a 'WebAppSec search' (or something like
that) since that is what it is (a search engine for web application related
content). 

Regarding the first page, you should add in there (or link to another page)
the sites that are currently indexed (can this be a dynamic link) and add
information on how to suggest further sites.

Regarding the google adds, I don't have a problem with it. From my point of
view, the only differences between Owasp (being a 501 non-profit) and
another comercial companies, is that all of Owasp materials are Open & Free
and there is no profit distribution 

Jeff, please start a new thread on owasp-leaders (without the question about
money) to see what ideas come up on how this page should be set-up

Dinis

On 11/6/06, Andrew van der Stock <vanderaj at owasp.org> wrote:

Jeff,

 

This is a good idea. 

 

I definitely think there should be a marker for commercial sites. That way
we can distance ourselves from them. 

 

There's nothing wrong from earning an income for a 501 non profit - just
that we should not consistently make a profit nor a loss. Let's use those
income (from all our sources) for further development of OWASP. Sooner or
later, we should start thinking about more infrastructure for OWASP (such as
the SVN hosted at us makes some sort of sense), etc.  

 

thanks,

Andrew

 

On 06/11/2006, at 4:49 PM, Jeff Williams wrote:


 

 



http://www.owasp.org/google/search.html 

 

This is an experiment I set up to test the new Google coop build-your-own
search engine feature.  I added a few sites to the list (basically the
members and a few general sites), and set up a set of "labels" to further
organize them. 

 

*         ha.ckers.org Non-commercial   

*          www.whitehatsec.com Commercial Products-only   

*          www.aspectsecurity.com Commercial Services-only OWASP Member   

*         www.accessitgroup.com/index.php?mod=application Commercial
Services-only OWASP Member   

*         www.corsaire.com Commercial Services-only OWASP Member   

*          www.ascure.com/ Commercial Services-only OWASP Member   

*          www.cgisecurity.com   

*          buildsecurityin.us-cert.gov Non-commercial   

*          www.ioactive.com Commercial Services-only OWASP Member   

*          www.foundstone.com/index.htm?subnav=services%2Fnavigation.htm
<http://www.foundstone.com/index.htm?subnav=services%2Fnavigation.htm&subcon
tent=%2Fservices%2Fsass.htm> &subcontent=%2Fservices%2Fsass.htm Commercial
OWASP Member   

*         www.webappsec.org Commercial   

*         www.watchfire.com Commercial Products-only   

*         www.fortifysoftware.com Commercial Products-only OWASP Member   

*         www.f5.com/products/TrafficShield/ Commercial Products-only OWASP
Member   

*         www.owasp.org OWASP-only Non-commercial  

 

I think it would be good for us to run a well-organized, well-labeled search
engine for more than just OWASP.  Two commercial concerns here: 

 

 1 - We can include commercial sites, but they would be marked "commercial"
and "product" or "service" 

 2 - We will get ads on the right.  If people click the ads, OWASP makes
money.  BUT, as a 501c3 we may be able to get the ads turned off. 

 

What do you think? 

 

--Jeff

 

Jeff Williams, Chair

The OWASP Foundation <http://www.owasp.org/> 

work: 410-707-1487

main: 301-604-4882

 

"Dedicated to finding and fighting the causes of insecure software" 

 

_______________________________________________

Owasp-board mailing list

Owasp-board at lists.owasp.org

http://lists.owasp.org/mailman/listinfo/owasp-board

 


_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
http://lists.owasp.org/mailman/listinfo/owasp-board








-- 
Best regards

Dinis Cruz
OWASP Autumn of Code 2006, http://www.owasp.org/index.php/OAC
OWASP .Net Project, http://www.owasp.org/index.php/.Net 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20061106/9daeca40/attachment-0002.html>


More information about the Owasp-board mailing list