[owasp-intrinsic-security] OWASP Open Review support for IntrinsicSecurity

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Fri Sep 12 10:26:34 EDT 2008

For the Open Source applications we are trying to work with, I think it would be very cool to collaborate. Find me in NYC. They may have already done some of this work.


From: owasp-intrinsic-security-bounces at lists.owasp.org on behalf of Dan Cornell
Sent: Fri 9/12/2008 10:03 AM
To: owasp-intrinsic-security at lists.owasp.org
Cc: Fredrick Lee; Mario de Boer; Brian Chess; Jacob West; James Walden
Subject: [owasp-intrinsic-security] OWASP Open Review support for IntrinsicSecurity


A number of folks have been working to put together the OWASP Open Review Project <http://www.owasp.org/index.php/Category:OWASP_Open_Review_Project> to provide both automated and manual security review for open source projects.  As part of this, the Fortify folks have made their SCA technology available to perform automated reviews <http://owasp.fortify.com/>

I think there is an opportunity for what we are doing to support the Intrinsic Security project.  You all are working with a variety of both open and closed source vendors on security issues.  The Open Review Project could be used to provide reviews for the open source project you are working with - for example Mozilla, Spring, etc.  Hopefully your liaisons with those projects can help to make sure any identified issues get addressed.

We are still getting up and running and we will be shaking out some technical and process bugs as we go, but I am interested to know if you all think this would be valuable for what you all are trying to do.

I will be in NYC in a couple of weeks so perhaps we can catch up there.



Dan Cornell | Principal
3463 Magic Drive, Suite 315
San Antonio, Texas 78229
office 210.572.4400
cellular 210.859.0921
DENIM GROUP | Build Integrate Secure

owasp-intrinsic-security mailing list
owasp-intrinsic-security at lists.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-intrinsic-security/attachments/20080912/aa2d957b/attachment.html 

More information about the owasp-intrinsic-security mailing list