[Owasp-guide] Updated assignments -- please read -- due date 4/2

Boberski, Michael [USA] boberski_michael at bah.com
Fri Apr 2 13:31:06 EDT 2010

Reminder about the email below!

I'll give folks the weekend, i.e. until Monday, to check in given the holiday.

Please make sure to do so though if you would like to contribute, going forward.

I appreciate that things are fluid, but we need to jump in there, as an increasing number of brave souls are now doing. Think Agile, use the mail list, etc.


Mike B.

There is no "trust but verify" when it comes to application security!
Verify, THEN trust! Read the entire post: Inside Booz Allen<http://hello.bah.com/blogs/index.php/SoftwareAssuranceCoP/2010/04/01/there_is_no_trust_but_verify>, Outside of Booz Allen<http://mikeboberski.blogspot.com/2010/04/there-is-no-trust-but-verify.html>

From: owasp-guide-bounces at lists.owasp.org [mailto:owasp-guide-bounces at lists.owasp.org] On Behalf Of Boberski, Michael [USA]
Sent: Friday, March 26, 2010 2:20 PM
To: owasp-guide at lists.owasp.org
Subject: Re: [Owasp-guide] Updated assignments -- please read -- due date 4/2

Reminder about the email below!

Please follow e.g. Pierre's good example, let's get some some first cracks at wiki pages and worksheets out there!!

If folks are familiar with Agile development, we want to do something akin to that, better to release frequently and inch along, than to disappear for a long time and show up with something that isn't OK...


Mike B.

From: owasp-guide-bounces at lists.owasp.org [mailto:owasp-guide-bounces at lists.owasp.org] On Behalf Of Boberski, Michael [USA]
Sent: Tuesday, March 23, 2010 12:15 PM
To: owasp-guide at lists.owasp.org
Subject: [Owasp-guide] Updated assignments -- please read -- due date 4/2


I'm refining the initial assignments, please see: http://code.google.com/p/owasp-development-guide/wiki/ProjectManagement_Assignments

Instruction #1

Basically, I would like every one to follow Ken's lead and do an unedited cut-paste from the previous Guide into their sections as appropriate. This will require you search through the Guide to find applicable content, or to put "no content from previous Guide" or some such on your wiki pages.

Instruction #2

Then, the focus should be on worksheets using the input validation as the example. Everyone should create a copy of the input validation worksheet Word doc, rename it for their section, check it in, and add a wiki page link to it in their section, as a first step. I see a few have already done this, good job. I like the updated file name convention putting the OWASP common number in the file name, good job, good example of cross-team communication (even if one team only copied the other after seeing what they checked in and deciding it made sense for them too, rather than an explicit conversation). Tom Stripling can you do an SVN file rename accordingly for input validation?

Due Date

Let us say that the cut-paste should be done by 4/2, and that at least a renamed version of the input validation worksheet should be checked in and linked to the corresponding page by the same date.

Please let me know if you have any questions. Please follow Ken's lead, and use the list to engage with the team. If you cannot complete the above assignment by the above date, please let me know what date you can complete the assignment by, or if your availability to work on the Guide has changed.

Coming soon will be more detailed assignments and direction for modifying content from the previous Guide, and for creating new content. Detailed direction is always available via the mail list, but you have to ask for help in order to get it, I don't know if you're having problems if you don't email the list with status or if you don't reach out with questions as you have them.


Mike B.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20100402/e93f70e9/attachment-0001.html 

More information about the Owasp-guide mailing list