[Owasp-guide] OWASP dev Guide - Input Validation

Vishal Garg vishalgrg at gmail.com
Sat Sep 25 14:53:33 EDT 2010


Hi All,

I now had the opportunity to review the guide to ensure that all the
sections adhere to ASVS standard.

I found that most of the sections of the guide have been structured as
required with the exception of few. The sections that do not adhere to this
requirement are:

OWASP-1000 - Communication Security
OWASP-1100 - HTTP Security
OWASP-1300 - Malicious Code Search

Section leaders, please could you ensure that the above sections adhere to
the ASVS standard.

Please let me know if you have any difficulty in following the above
guidelines and I'll explain further in more detail.

I will discuss about the schedule for the further development of the guide
with Anurag in a separate email and we will announce it to the mailing list
shortly.

Regards
Vishal

On Mon, Sep 20, 2010 at 9:56 PM, Vishal Garg <vishalgrg at gmail.com> wrote:

> Hello Koen and All,
>
> I am currently reviewing all the sections (only for structure) to ensure
> that everyone is following the same guidelines and that the new guide
> adheres to the ASVS standard. I'm hoping to get the review done by the end
> of this week and then I'll provide my feedback to everyone.
>
> I am sure there are few people who have joined the team recently and they
> do not yet have received proper guidelines to progress further. I will also
> provide details about this in my next email.
>
> In the meantime, if someone has any queries, please do not hesitate to get
> in touch with me.
>
> Regards
> Vishal
>
>
>
> On Sun, Sep 19, 2010 at 3:57 PM, Anurag Agarwal <anurag.agarwal at yahoo.com>wrote:
>
>> Koen - Vishal is currently in the process of reviewing it and will get
>> back
>> to you once he is done.
>>
>>
>> Thanks,
>>
>> Anurag Agarwal
>> MyAppSecurity Inc
>> Cell - 919-244-0803
>> Email - anurag at myappsecurity.com
>> Website - http://www.myappsecurity.com
>> Blog - http://myappsecurity.blogspot.com
>> LinkedIn - http://www.linkedin.com/in/myappsecurity
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Koen Machilsen [mailto:koen.machilsen at skynet.be]
>> Sent: Sunday, September 19, 2010 6:19 AM
>> To: anurag.agarwal at yahoo.com; vishalgrg at gmail.com
>> Subject: OWASP dev Guide - Input Validation
>>
>> Hey Guys,
>>
>> Currently I am voluteering for the guide and "working" on section Input
>> Validation. I admit I haven't been following the mailinglist list in
>> detail. Once in a while I queried Tom, the section's lead, on how to
>> progress and so on. Not much usefull feedback were received and almost
>> no actions were taken so far. I got an answer he will propably withdraw
>> his involvement. So two questions for you:
>>
>> 1. can we assign another lead? I can't commit lot of time so I don't
>> want to take on a role I cannot fullfil. But I want to contribute with
>> clear guidance.
>>
>> 2. can you summarize what is to do done exacttly? All the things Mike
>> send out were not that clear to me ...
>>
>> Thanks for understanding
>>
>> Koen
>> No virus found in this incoming message.
>> Checked by AVG - www.avg.com
>> Version: 9.0.851 / Virus Database: 271.1.1/3138 - Release Date: 09/17/10
>> 02:34:00
>>
>>
>


-- 
Vishal Garg

Linkedin: http://www.linkedin.com/in/vishalgrg
Twitter: http://www.twitter.com/vishalgrg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20100925/d78d06ca/attachment.html 


More information about the Owasp-guide mailing list