[Owasp-board] OWASP Top 10 ... Done!

Dave Wichers dave.wichers at owasp.org
Mon Jan 29 14:56:56 UTC 2007


Excellent job finishing all this up. Looks great. I did one more quick pass
through your changes and made a few more minor edits / corrections.

It is attached and I agree it's ready to go.



-----Original Message-----
From: Andrew van der Stock [mailto:vanderaj at aspectsecurity.com] 
Sent: Monday, January 29, 2007 2:51 AM
To: Jeff Williams; Dave Wichers; Dinis Cruz
Subject: OWASP Top 10 ... Done!

Hi guys,

I've spent a goodly portion of this weekend going through the Top 10 Dave
sent through with a fine tooth comb.

Some of the changes:

* Fixed / resolved all of Dave's comments and yellow text
* Replaced some text to be clearer (generally near where Dave's comments
* Updated graph and tables to adhere to new chapter names and update the
stats as per their raw values
* Fitted the summary onto a single page
* All samples in all 10 chapters actually go somewhere useful
* Improved links and references
* Added one new section (Vulnerabilities, not attacks) as one comment I got
from Jeremiah re: my ToC post to my blog last month, was that the ToC
doesn't deal with phishing, identity theft, etc. So I added a section
showing how this T10 deals with those sorts of attacks and a few others

Dinis/Jeff/Dave, if you're happy, I'm happy with this draft and I consider
it ready to be forwarded to -leaders and the T10 list. Even if it's now not
as perfect as it could be, I think we can make further changes during the
comments period rather than hanging on to it any longer.

It's time to get this baby out the door!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OWASP Top 10 2007 RC1.doc
Type: application/msword
Size: 592896 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070129/1a7d628f/attachment-0002.doc>

More information about the Owasp-board mailing list