[Owasp-board] Stable Rating - > OWASP Secure Coding Practices - Quick Reference Guide/Releases SCP v1.1

Paulo Coimbra paulo.coimbra at owasp.org
Thu Sep 23 21:49:02 UTC 2010


GPC,

 

As for the OWASP Secure Coding Practices - Quick Reference Guide/Release SCP
v1.1, I've been contacted by Keith and been informed that '[he has had] both
reviewers, informally re-review the updated 1.1 version of the document'. 

 

Thus, having this into account and also what Brad and I are saying below in
this thread, I've replaced the template we typically use to assess new
releases and changed the release rate to Stable.

 

http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quic
k_Reference_Guide/Releases/SCP_v1.1/Assessment 

 

http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quic
k_Reference_Guide 

 

Please let me know whether or not you agree with the formula I am proposing
to singly deal with this situation and, while we don't find a definitive
solution, overtake what seems to me to be a limitation of the assessment
template to capture the dynamism of our review process.

 

Thanks,

----

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: bradcausey at gmail.com [mailto:bradcausey at gmail.com] On Behalf Of Brad
Causey
Sent: quarta-feira, 15 de Setembro de 2010 23:03
To: Paulo Coimbra
Cc: Turpin, Keith N; Jim Manico; Matt Tesauro; Ludovic Petit; Matt Tesauro;
Jeff Williams; JMcGovern at virtusa.com; michael.scovetta at gmail.com;
global-projects-committee at lists.owasp.org; OWASP Foundation Board List
Subject: Re: Secure coding guide feedback disposition

 

I second that.

-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP

http://www.owasp.org
--
"Si vis pacem, para bellum"
--



On Wed, Sep 15, 2010 at 4:56 PM, Paulo Coimbra <paulo.coimbra at owasp.org>
wrote:

Keith,

 

I just wanted to say, that in my view, the systematization you have done is
simply fantastic. I will come to you again very soon to propose a swift way
for us to rate this release as a Stable one even before we introduce into
the assessment criteria the changes proposed by Matt Tesauro. 

 

http://www.owasp.org/images/6/64/SCP-QRG_Revisions_History.xls 

 

Many thanks, regards, 

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Turpin, Keith N [mailto:keith.n.turpin at boeing.com] 
Sent: quarta-feira, 15 de Setembro de 2010 22:39
To: Paulo Coimbra; 'Jim Manico'; 'Matt Tesauro'
Cc: bradcausey at owasp.org; 'Ludovic Petit'; 'Matt Tesauro'; 'Jeff Williams';
JMcGovern at virtusa.com; michael.scovetta at gmail.com;
global-projects-committee at lists.owasp.org
Subject: Secure coding guide feedback disposition

 

This is just an FYI

 

I have uploaded a spreadsheet with all the feedback and dispositions on
version 1.0 of the Secure Coding Practices Quick Reference Guide. This was
used to update the project to version 1.1. The spreadsheet is available on
the Main project page.

 

Feedback on future versions will be similarly tracked and published.

 

 

 

Keith Turpin CISSP, CSSLP 

The Boeing Company 

Information Security 

(206) 683-9667 

 

Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error, do not print, copy, retransmit, disseminate or
otherwise use the information. Respond to the sender that you have received
this e-mail in error, and delete the copy you received.

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100923/b7eeb334/attachment-0002.html>


More information about the Owasp-board mailing list