[Owasp-board] New release: "OWASP TESTING GUIDE 2007"

Andrew van der Stock vanderaj at owasp.org
Fri Feb 23 18:52:22 UTC 2007


I¹ve got an e-mail from Bill from NSP about my cancelled Ajax book. I¹ll
speak to him now on the Testing Guide.

Thanks,
Andrew


On 2/22/07 7:35 PM, "Dinis Cruz" <dinis at ddplus.net> wrote:

> no idea,
> 
> Andrew? Jeff? 
> 
> any updates from your side?
> 
> Dinis
> 
> On 2/22/07, Matteo Meucci <matteo.meucci at gmail.com
> <mailto:matteo.meucci at gmail.com> > wrote:
>> Hi Tom,
>> I have no news, what about that Dinis? Do you have news?
>> 
>> Thanks,
>> Mat
>> 
>> On 2/22/07, tomb at accessitgroup.com <tomb at accessitgroup.com> wrote:
>>> > Any news on no starch press or syngress?  After the last email exchange it
>>> appeared that this was in progress?
>>> >
>>> >
>>> > Tom Brennan CISSP, NSA, C|EH
>>> > Technology Risk Practice Manager / Senior Security Engineer
>>> > AccessIT Group Inc.
>>> > Direct: 973-202-0122 | Office: 973-316-6016
>>> > Web: www.accessitgroup.com <http://www.accessitgroup.com>
>>> >
>>> >
>>> > -----Original Message-----
>>> > From: "Matteo Meucci" <matteo.meucci at gmail.com>
>>> > Date: Tue, 20 Feb 2007 18:29:38
>>> > To:owasp-all at lists.owasp.org
>>> > Subject: New release: "OWASP TESTING GUIDE 2007"
>>> >
>>> > ANNOUNCING THE "OWASP TESTING GUIDE"
>>> >
>>> > The OWASP Testing Guide includes a "best practice" penetration testing
>>> > framework which users can implement in their own organizations and a
>>> > "low level" penetration testing guide that describes techniques for
>>> > testing most common web application and web service security issues.
>>> >
>>> > Download the Guide Now:
>>> > - http://www.owasp.org/index.php/OWASP_Testing_Project
>>> <http://www.owasp.org/index.php/OWASP_Testing_Project>  (PDF and DOC)
>>> >
>>> > View the Project Overview Slides:
>>> > - 
>>> http://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip
>>> <http://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip>
>>> >
>>> > Join the Project Mailing List:
>>> > - http://lists.owasp.org/mailman/listinfo/owasp-testing
>>> >
>>> >
>>> > PROJECT HISTORY
>>> >
>>> > I would like to thank you all for the great effort in creating the new
>>> > OWASP Testing Guide v2. The new version is a complete rewrite that
>>> > subsumes the previous version and includes the "OWASP Web Application
>>> > Penetration Checklist", Version 1.1 dated 2004.
>>> >
>>> > The project, as part of the OWASP Autumn of Code, started on October
>>> > 1st 2006 reviewing all the old documentation. The first month we made
>>> > a call to action to collect all the best security experts on
>>> > application security asking them to collaborate in writing the Testing
>>> > Guide.
>>> >
>>> > We set up a 'dream team' of 39 authors and 20 reviewers: after 3
>>> > months of hard work and great team work we realized the v2 Release
>>> > Candidate 1 (RC1) by the 10th of January 2007. From that date to the
>>> > 10th of February we received numerous great comments: more than 20
>>> > articles have been reviewed.
>>> >
>>> > On the 10th of February we published the official version 2: a 272
>>> > pages high quality document, with 46 controls divided into 8
>>> > categories.
>>> >
>>> >
>>> > JOIN US
>>> >
>>> > We need help to...
>>> >
>>> > *** Continuously Improve the Guide.
>>> > The Guide is a "live" document: we always need your feedback! Please
>>> > join our testing mailing list and share your ideas with us. The next
>>> > step is to begin working on the new version: one issue that will be
>>> > improved is the client side testing.
>>> >
>>> > *** Promote the Testing Guide
>>> > We would like to have some more media coverage on the guide, so
>>> > please, if you know somebody in there put them in touch. If you have
>>> > the chance, you can write an article about the Testing Guide and the
>>> > new OWASP Projects. Also you can pick up the OWASP Testing Guide
>>> > presentations and talk about it in local conferences and Chapter
>>> > meetings.
>>> >
>>> > *** Translate the Guide into your Local Language
>>> > If you'd like to translate the Testing Guide in your local language,
>>> > please contact us.
>>> >
>>> > *** Add 'Quotes' to the Guide.
>>> > If you've used the guide and can share your experience, we'd love to
>>> > hear from you. You can add your quote to the OWASP wiki here:
>>> > http://www.owasp.org/index.php/Testing_Guide_Quotes
>>> >
>>> >
>>> > Thanks,
>>> > Mat
>>> >
>>> > --
>>> > Matteo Meucci
>>> > OWASP-Italy Chair, CISSP, CISA
>>> > http://www.owasp.org/index.php/Italy
>>> > OWASP Testing Guide lead
>>> > http://www.owasp.org/index.php/Testing_Guide
>>> <http://www.owasp.org/index.php/Testing_Guide>
>>> >
>> 
>> 
>> --
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> http://www.owasp.org/index.php/Italy
>> OWASP Testing Guide lead
>> http://www.owasp.org/index.php/Testing_Guide
> 
> 
> 
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-board


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070223/6baaec88/attachment-0002.html>


More information about the Owasp-board mailing list