[OWASP-LEADERS] RE: [OWASP-GUIDE] Session Management

Adrian Wiesmann awiesmann at swordlord.org
Mon Mar 8 14:57:53 EST 2004


Hey Mark

> Just took a look at the new structure of the Guide 2. Its looking great,
> well done. 

Thanks. Just thought I take over and change everything so nobody has a
clue anymore except me :)


> I wonder what you think about how we link the Testing work which focuses
> around the SDLC to the Guide ? Maybe we could have an overview chapter
> of the role security plays in the SDLC ? 

I think we should try to find some way of "recycling" all the OWASP
projects know-how into the Guide. The stuff Andrew has written (and afaik
he's a developer in some OWASP project?) about Session Management is just
great. So what I mean is it would be perfect if we somehow could have the
project members get their specific knowhow into the guide.

This would guarantee some constant evolution of the guide and would help
us to have industry testet know how covered. I think this could be a theme
for this summers meeting to delve into and discuss different strategies.

Regards,
Adrian




More information about the Owasp-guide mailing list