<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>From <a href="http://www.eweek.com/security/slideshows/top-10-common-application-attacks-to-avoid.html">http://www.eweek.com/security/slideshows/top-10-common-application-attacks-to-avoid.html</a></div><div><br></div><div>"<span style="text-align: justify; background-color: rgba(255, 255, 255, 0);">To do this, the Open Web Application Security Project (OWASP) has put together a list of the top ten common application attacks. Based on information from the IBM Security Ethical Hacking team, eWEEK examines, in descending order, which app attacks tend to occur with the most frequency and severity."</span><br><br>Sent from my iPhone</div><div><br>On Aug 24, 2015, at 10:47 PM, Michael Coates <<a href="mailto:michael.coates@owasp.org">michael.coates@owasp.org</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr"><div>OWASP Top 10 is licensed as <span style="color:rgb(54,43,54);font-family:sans-serif;font-size:14px;line-height:22.3999996185303px;background-color:rgb(242,245,247)">Creative Commons Attribution-ShareAlike 3.0 license.</span><br></div><div><font color="#362b36" face="sans-serif"><span style="font-size:14px;line-height:22.3999996185303px">From my understanding basic attribution would be required. <br></span></font><div><br></div><div>I'd recommend waiting for feedback from the project leader first. In all of these situations my hope is always that we can reach out, inform the other party of the situation and correct the situation.</div><div><br></div><div><br></div><div><a href="https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project">https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project</a><br></div><div><h2 style="color:black;font-weight:normal;margin:1em 0px 0.25em;overflow:hidden;padding:0px;border-bottom-width:1px;border-bottom-style:solid;border-bottom-color:rgb(170,170,170);font-family:sans-serif;line-height:1.3;background:none rgb(242,245,247)"><span class="" id="Licensing">Licensing</span></h2><p style="margin:0.5em 0px;line-height:22.3999996185303px;color:rgb(54,43,54);font-family:sans-serif;font-size:14px;background-color:rgb(242,245,247)">The OWASP Top 10 is free to use. It is licensed under the<a rel="nofollow" class="" href="http://creativecommons.org/licenses/by-sa/3.0/" style="text-decoration:none;color:rgb(11,0,128);padding-right:13px;background:linear-gradient(transparent,transparent) 100% 50% no-repeat,url(data:image/svg+xml)">http://creativecommons.org/licenses/by-sa/3.0/</a> Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.</p></div></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><br>--<br>Michael Coates | <a href="https://twitter.com/intent/user?screen_name=_mwc" target="_blank">@_mwc</a><br></div><div>OWASP Global Board<br></div><div dir="ltr"><div>Join me at <a href="http://AppSecUSA.org" target="_blank">AppSecUSA</a> 2015 in San Francisco!</div><div><br></div><div><br><br></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Mon, Aug 24, 2015 at 6:43 PM, Jim Manico <span dir="ltr"><<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>A member of our community informed me that someone packaged up the OWASP Top Ten 2013 and rebranded it without OWASP attribution.  The info is below. What do you think?</div><div><br></div><div><a href="http://mobile.eweek.com/security/slideshows/top-10-common-application-attacks-to-avoid.html" target="_blank">http://mobile.eweek.com/security/slideshows/top-10-common-application-attacks-to-avoid.html</a></div><div><br><div>--</div><div>Jim Manico</div><div><div><div style="word-wrap:break-word"><div><span style="background-color:rgba(255,255,255,0)">Global Board Member</span></div><span style="background-color:rgba(255,255,255,0)">OWASP Foundation</span><div><a href="https://www.owasp.org/" style="background-color:rgba(255,255,255,0)" target="_blank"><font color="#000000">https://www.owasp.org</font></a></div></div></div><div><span style="background-color:rgba(255,255,255,0)">Join me at <a href="http://appsecusa.org/" target="_blank">AppSecUSA</a> 2015!</span></div></div></div><div><br>Begin forwarded message:<br><br></div><blockquote type="cite"><div><b>Date:</b> August 24, 2015 at 7:52:10 PM CDT<br><b>To:</b> Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>><br><b>Subject:</b> <b>Tweet by Chris Wysopal on Twitter</b><br><br></div></blockquote><blockquote type="cite"><div><div><table style="border:1px solid black;padding:8px"><tbody><tr valign="bottom"><td width="48"><img src="https://pbs.twimg.com/profile_images/613065292709801985/LapqXdxh_normal.jpg" style="width:48px;min-height:48px;padding-right:8px"></td><td><b>Chris Wysopal (<a href="https://twitter.com/weldpond?refsrc=email&s=11" target="_blank">@WeldPond</a>)</b></td></tr><tr><td colspan="2"><div><a href="https://twitter.com/weldpond/status/635881727165132800?refsrc=email&s=11" target="_blank">8/24/15, 8:29 PM</a></div><div>Based on information from IBM? Isn't this just the OWASP Top 10? <a href="https://twitter.com/eWEEKNews" target="_blank">@eWEEKNews</a> <a href="http://t.co/oLchlob5Ff" target="_blank"><span>eweek.com/security/slideā€¦</span></a></div></td></tr></tbody></table><br> <a href="https://twitter.com/download?ref_src=MailTweet-iOS" target="_blank">Download</a> the Twitter app
</div></div></blockquote></div><br>_______________________________________________<br>
Owasp-board mailing list<br>
<a href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-board" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
<br></blockquote></div><br></div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Owasp-board mailing list</span><br><span><a href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a></span><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a></span><br></div></blockquote></body></html>