[Owasp-board] OWASP Top 10 ... Done!
dave.wichers at owasp.org
Mon Jan 29 14:56:56 UTC 2007
Excellent job finishing all this up. Looks great. I did one more quick pass
through your changes and made a few more minor edits / corrections.
It is attached and I agree it's ready to go.
From: Andrew van der Stock [mailto:vanderaj at aspectsecurity.com]
Sent: Monday, January 29, 2007 2:51 AM
To: Jeff Williams; Dave Wichers; Dinis Cruz
Subject: OWASP Top 10 ... Done!
I've spent a goodly portion of this weekend going through the Top 10 Dave
sent through with a fine tooth comb.
Some of the changes:
* Fixed / resolved all of Dave's comments and yellow text
* Replaced some text to be clearer (generally near where Dave's comments
* Updated graph and tables to adhere to new chapter names and update the
stats as per their raw values
* Fitted the summary onto a single page
* All samples in all 10 chapters actually go somewhere useful
* Improved links and references
* Added one new section (Vulnerabilities, not attacks) as one comment I got
from Jeremiah re: my ToC post to my blog last month, was that the ToC
doesn't deal with phishing, identity theft, etc. So I added a section
showing how this T10 deals with those sorts of attacks and a few others
Dinis/Jeff/Dave, if you're happy, I'm happy with this draft and I consider
it ready to be forwarded to -leaders and the T10 list. Even if it's now not
as perfect as it could be, I think we can make further changes during the
comments period rather than hanging on to it any longer.
It's time to get this baby out the door!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP Top 10 2007 RC1.doc
Size: 592896 bytes
Desc: not available
More information about the Owasp-board