[Owasp-guide] [Owasp-board] Welcome to OWASP Foundation

Anurag Agarwal anurag.agarwal at yahoo.com
Sat Jul 24 10:19:00 EDT 2010


Jeff – Even though this is pretty ambitious but I completely agree that this should be the way to go. Linking these documents will make them even more stickier and reflect the true brand of OWASP as a collaborative set of standards. It would be nice to have a vision and the same message is filtered down through various standards. But in order to achieve this, we will require a leader who has an understanding of not only ASVS but development standards, testing standards and code review standards. He will be working with the vision (which can be refined by OWASP leaders) and will work with other individual project leaders to make sure the message is properly communicated through every individual standard.

 

Thoughts / Suggestions?

 

Anurag

 

 

From: Jeff Williams [mailto:jeff.williams at owasp.org] 
Sent: Friday, July 23, 2010 4:39 PM
To: Dave Wichers
Cc: Paulo Coimbra; OWASP Foundation BoardList; Global Projects Committee; Andrew van der Stock; Anurag Agarwal; Vishal Garg
Subject: Re: [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

 

New items are absolutely encouraged.  We should give them OWASP numbers and get alignment across all the guides.  Ultimately we want guidance for each item from the following perspectives:

 

1. Requirement (asvs)

2. How to develop it right (dev guide)

3. How to verify it's right with testing (testing guide)

4. How to verify it's right with code review (CRT)

 

This is going to be awesome!


--Jeff

 

Jeff Williams

Aspect Security

work: 410-707-1487

main: 301-604-4882

 

 


On Jul 22, 2010, at 3:21 PM, "Dave Wichers" <dave.wichers at owasp.org> wrote:

I would recommend both goals, with the primary (and hopefully easier one), being ASVS alignment, and then expanding or enhancing the guide as much as the volunteers have the energy for.

 

The guide is a bit long in the tooth so it definitely needs updating/refreshing in addition to reorganization to match ASVS.

 

My 0.02 anyway.

 

-Dave

 

From: owasp-board-bounces at lists.owasp.org [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Paulo Coimbra
Sent: Tuesday, July 20, 2010 7:00 AM
To: 'OWASP Foundation Board List'; 'Global Projects Committee'
Cc: 'Andrew van der Stock'; 'Anurag Agarwal'; 'Vishal Garg'
Subject: Re: [Owasp-board] [Owasp-guide] Welcome to OWASP Foundation

 

Board & GPC,

 

Please see below Anurag’s question regarding the OWASP Development Guide’s positioning.

 

Thanks, 

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Anurag Agarwal [mailto:anurag.agarwal at yahoo.com] 
Sent: segunda-feira, 19 de Julho de 2010 22:36
To: 'Andrew van der Stock'; 'Vishal Garg'
Cc: 'Paulo Coimbra'
Subject: RE: [Owasp-guide] Welcome to OWASP Foundation

 

Will do.

 

On a different note, I was talking to Vishal and it appears there is no clearly defined goal for this initiative. So my question to both of you is

 

Are we just looking at ASVS alignment or are we looking at revising the content to adding new stuff as well? 

 

P.S. – Should I send this mail to GPC?

 

Thanks

Anurag

 

 

From: Andrew van der Stock [mailto:vanderaj at owasp.org] 
Sent: Monday, July 19, 2010 5:30 PM
To: Anurag Agarwal; Vishal Garg
Cc: Paulo Coimbra
Subject: Re: [Owasp-guide] Welcome to OWASP Foundation

 

Done - and Vishal is also admin.

 

I'm okay if you make me a contributor for the OWASP Guide project as I'm not likely to be back in the short to medium term. 

 

Can you please add Paulo as a project admin - the GPC should be able to do this for every OWASP project. 

 

thanks,

Andrew

 

On 19/07/2010, at 2:26 PM, Anurag Agarwal wrote:

 

anuraag.agarwwal at gmail.com

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 9.0.839 / Virus Database: 271.1.1/3014 - Release Date: 07/19/10 14:36:00

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 9.0.851 / Virus Database: 271.1.1/3023 - Release Date: 07/23/10 02:36:00

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20100724/2db40724/attachment.html 


More information about the Owasp-guide mailing list