[Owasp-board] Ounce Labs vs. OWASP Top Ten

Jeff Williams jeff.williams at owasp.org
Wed Jan 31 16:43:44 UTC 2007

Seems reasonable to me.  How does this look for a standard letter to send to
people who misuse our brand.  Obviously we'll have to change the last
paragraph for folks who are already members.  Not that membership is
permission to abuse the brand.


What do you think.



Subject: OWASP Top Ten reference




We've been notified that your company is referencing the OWASP Top Ten [ on
your website | in your press release | in your marketing material ] here [
URL ].  You may not know that OWASP has a set of established brand usage
rules that govern the use of the OWASP name and logo.




Could you provide details of how your [ product | service ] matches up with
the Top Ten?  In particular, can you confirm that you provide complete [
detection | protection ] for all the possible vulnerabilities covered by
each item in the Top Ten?


Going forward, we'd like you to reference the OWASP Top Ten 2007 Update,
which is more focused and is likely to be easier for you to address. The
first release candidate has been posted to our website, and is likely to
become final in early Spring.




Finally, I'd like you to consider becoming an OWASP member and supporting
our efforts.  Membership is a great way to help promote application security
and gain visibility for your company.




Please don't hesitate to contact me to discuss any of the above.  Thanks,






From: Andrew van der Stock [mailto:vanderaj at owasp.org] 
Sent: Wednesday, January 31, 2007 10:27 AM
To: Jeff Williams; OWASP Board
Subject: Re: [Owasp-board] Ounce Labs vs. OWASP Top Ten


Could we ask them nicely, to:

1.	describe how they comply with the Top 10 2004 in some detail 
2.	Ask them to consider updating it to the T10 2007 which is far more
3.	Ask them to be a corporate member?


On 1/31/07 10:20 AM, "Jeff Williams" <jeff.williams at aspectsecurity.com>

822BA941E37&siteid=mktw&dist=nbk> &siteid=mktw&dist=nbk

Jeff Williams, CEO

Aspect Security  <http://www.aspectsecurity.com/>

work: 410-707-1487

main: 301-604-4882


Owasp-board mailing list
Owasp-board at lists.owasp.org


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070131/6329ea54/attachment-0002.html>

More information about the Owasp-board mailing list