[Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

Jeff Williams jeff.williams at owasp.org
Fri Jul 23 20:38:55 UTC 2010


New items are absolutely encouraged.  We should give them OWASP numbers and get alignment across all the guides.  Ultimately we want guidance for each item from the following perspectives:

1. Requirement (asvs)
2. How to develop it right (dev guide)
3. How to verify it's right with testing (testing guide)
4. How to verify it's right with code review (CRT)

This is going to be awesome!

--Jeff

Jeff Williams
Aspect Security
work: 410-707-1487
main: 301-604-4882



On Jul 22, 2010, at 3:21 PM, "Dave Wichers" <dave.wichers at owasp.org> wrote:

> I would recommend both goals, with the primary (and hopefully easier one), being ASVS alignment, and then expanding or enhancing the guide as much as the volunteers have the energy for.
> 
>  
> 
> The guide is a bit long in the tooth so it definitely needs updating/refreshing in addition to reorganization to match ASVS.
> 
>  
> 
> My 0.02 anyway.
> 
>  
> 
> -Dave
> 
>  
> 
> From: owasp-board-bounces at lists.owasp.org [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Paulo Coimbra
> Sent: Tuesday, July 20, 2010 7:00 AM
> To: 'OWASP Foundation Board List'; 'Global Projects Committee'
> Cc: 'Andrew van der Stock'; 'Anurag Agarwal'; 'Vishal Garg'
> Subject: Re: [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation
> 
>  
> 
> Board & GPC,
> 
>  
> 
> Please see below Anurag’s question regarding the OWASP Development Guide’s positioning.
> 
>  
> 
> Thanks,
> 
>  
> 
> Paulo Coimbra,
> 
> OWASP Project Manager
> 
>  
> 
> From: Anurag Agarwal [mailto:anurag.agarwal at yahoo.com] 
> Sent: segunda-feira, 19 de Julho de 2010 22:36
> To: 'Andrew van der Stock'; 'Vishal Garg'
> Cc: 'Paulo Coimbra'
> Subject: RE: [Owasp-guide] Welcome to OWASP Foundation
> 
>  
> 
> Will do.
> 
>  
> 
> On a different note, I was talking to Vishal and it appears there is no clearly defined goal for this initiative. So my question to both of you is
> 
>  
> 
> Are we just looking at ASVS alignment or are we looking at revising the content to adding new stuff as well?
> 
>  
> 
> P.S. – Should I send this mail to GPC?
> 
>  
> 
> Thanks
> 
> Anurag
> 
>  
> 
>  
> 
> From: Andrew van der Stock [mailto:vanderaj at owasp.org] 
> Sent: Monday, July 19, 2010 5:30 PM
> To: Anurag Agarwal; Vishal Garg
> Cc: Paulo Coimbra
> Subject: Re: [Owasp-guide] Welcome to OWASP Foundation
> 
>  
> 
> Done - and Vishal is also admin.
> 
>  
> 
> I'm okay if you make me a contributor for the OWASP Guide project as I'm not likely to be back in the short to medium term. 
> 
>  
> 
> Can you please add Paulo as a project admin - the GPC should be able to do this for every OWASP project. 
> 
>  
> 
> thanks,
> 
> Andrew
> 
>  
> 
> On 19/07/2010, at 2:26 PM, Anurag Agarwal wrote:
> 
>  
> 
> anuraag.agarwwal at gmail.com
> 
>  
> 
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.839 / Virus Database: 271.1.1/3014 - Release Date: 07/19/10 14:36:00
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100723/fa8e863c/attachment-0002.html>


More information about the Owasp-board mailing list