[Owasp-board] New project for OWASP

Paulo Coimbra paulo.coimbra at owasp.org
Mon Feb 23 15:49:04 UTC 2009


Hello Ryan, 

 

I hope you are well and wonder if you are kind enough to forgive me the delay of setting up OWASP the Web Application Scanner Specification project’s page.

 

It has now been done and can be accessed here <https://www.owasp.org/index.php/Category:OWASP_Web_Application_Scanner_Specification_Project> . Please feel free to change it as you find best but, please, always have into account the OWASP assessment <https://www.owasp.org/index.php/Category:OWASP_Project_Assessment>  criteria.

 

I’ve also created a project’s mailing list and, by now, the admin password must have been sent automatically to you. 

 

If I may, I suggest contacting OWASP project leaders (owasp-leaders at lists.owasp.org) to publicize the project and seek out for ideas and/or contributors. 

 

Should you have any further questions, please do not hesitate and get back to me.

 

I wish you good work.

 

Many thanks, best regards,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Corey LeBleu [mailto:coreylebleu at gmail.com] 
Sent: terça-feira, 10 de Fevereiro de 2009 18:45
To: paulo.coimbra at owasp.org
Subject: Re: New project for OWASP

 

Hi Paulo, 

Answers to the questions are attached, Matt already looked at them.  Thanks.

Corey LeBleu

On Sun, Feb 8, 2009 at 7:43 AM, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:

Hello Matt,

 

I hope you are well and thank your email. Cheers!

 

Dear Corey,

 

It's a pleasure to meet you! I noted the very positive way in which Matt does assess your proposal and I also welcome your intention to become an OWASP project leader.  

 

As requested I will set a project page for you and, to do so, I ask you to be kind enough to send me off the following information.

 

1.       Project Name,

2.       Short Project Description,

3.       Main link(s) – if any,

4.       Related project(s) – if any,

5.       Detailed roadmap for future developments,

6.       License – see here <http://www.owasp.org/index.php/OWASP_Licenses> , 

7.       Sponsor(s) – if any,

8.       Project Leader*,

9.       Project Contributors* - if any,

10.   First Reviewer – *,

11.   Second Reviewer*,

 

Meanwhile, for your reference, please read the OWASP Assessment Criteria <https://www.owasp.org/index.php/Category:OWASP_Project_Assessment>  and take a look at an example of an OWASP Project skeleton/main frame <https://www.owasp.org/index.php/Project_Information:template_Code_Review_Project> .

 

Please have into account that, in result of what is established in the above referred Assessment Criteria, if possible, the project's lead should suggest two Project Reviewers and, at least, one of them should be an OWASP Project or Chapter Leader. However, if you find impossible to track them down, please let me know and I will try and help.

 

* For Project Leader, Contributors and Reviewers please create a wiki account <https://www.owasp.org/index.php/Special:Userlogin>  and send me off the link. See here <https://www.owasp.org/index.php/Tutorial>  how to do it and here <https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project>  and here <https://www.owasp.org/index.php/User:Mtesauro>  an example of how it will be used.

 

Should you have any further questions, please do not hesitate and get back to me.

 

Many thanks, best regards,

 

Paulo Coimbra,

OWASP Project <https://www.owasp.org/index.php/Main_Page>  Manager

 

> >-----Original Message-----

> >From: Matt Tesauro [mailto:mtesauro at gmail.com]

> >Sent: domingo, 8 de Fevereiro de 2009 02:17

> >To: Paulo Coimbra

> >Cc: coreylebleu at gmail.com

> >Subject: New project for OWASP

> >

> >Paulo,

> >

> >      I wanted to send this email to introduce Corey LeBlue to you.  I

> >met him at the release party the local OWASP chapter did for the OWASP

> >Live CD and he described something he's been working on that would be

> >a

> >perfect documentation project for OWASP.  While I'm sure Corey can

> >better and more elegantly explain his work, the basic idea behind this

> >work is to document all the tests an application scanner _should_ do.

> >To my mind, this would be greatly useful to evaluate and compare

> >application scanners as well as provide guidance to anybody who is

> >creating an application scanner.  Also, since this looks at the

> >problem

> >from a generic viewpoint, it perfectly aligns with OWASP vendor

> >neutral

> >position.

> >      I've briefly outlined the process for starting a project to

> >Corey

> >and explained the concept of the assessment criteria to him though I'm

> >not as familiar with the documentation specifics as I am the tool

> >criteria.  He also has been told about the need for two reviewers on

> >any

> >project.

> >      Corey was kind enough to share a draft of his work with me and

> >I'm

> >certain it would be a valuable addition to the documents OWASP

> >currently

> >offers.  Feel free to contact Corey directly at the email address

> >above

> >to begin the project initiation process with him.  Feel free to

> >contact

> >me as well should you have any questions.  Thanks.

> >

> >Cheers!

> >

> >--

> >-- Matt Tesauro

> >OWASP Live CD Project Lead

> >http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

> >http://mtesauro.com/livecd/ - Documentation Wiki

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20090223/c0757101/attachment-0002.html>


More information about the Owasp-board mailing list