[OWASP-LEADERS] Re-introductions and a few things......

moksha faced admin at mokshafaced.com
Tue Jan 14 23:22:24 EST 2003

Hi Folks,

Apologies for the earlier levity (if apologies are
warranted or if any one was offended).  I've been in
the security field since 82 when I worked on private
key crypto and tactical HF/SAT telecomm systems in the
Army.  Although my major in college was Physics I keep
gravitating back into CompSci stuff and am currently
pursuing my masters at vt.edu in CompSci.  

Most of my experience is in InfoSec and development in
whatever the sexy language of the day is for primarily
financial institutions.  I had a five-year stint
recently doing pen-testing, ethical whathaveyou, web
development - but grew tired of the travel and being
away from my wife and two wonderful kids - hung my
guns up and now work for a big bank (yep, back in
Corporate America).

I got involved in OWASP as a Linux/OSF/GPL biggot when
I posted an email to dizzie about creating a tool like
the Sleuth in Java that would run on anything.  OWASP
was just forming then and a handful of us started
strategizing about the Webscarab.  In keeping with GPL
and OOP we decided to reuse as much code as possible
but it hasn't gone extremely well and I'm the sole
developer for it now.  I have a long list of bugs to
work out, tons of enhancements and features everyone
wants and very little time to actually spend on it
without dropping a few flaming torches I try to

My real reason for volunteering my *spare time* to
OWASP and OSF is that COTS stuff simply stinks most of
the time and I love writing tools for specific needs
that COTS stuff just doesn't solve.  You see guys all
the time starting up an Open Source Foundation type
product only to have them bought out by folks who've
run out of ideas and still dare to call themselves
'visionaries'. It's a tough fight, but one that I
humbly submit is worth the effort, whatever effort you
can afford to spend.  All we have are these streaming
moments and I choose to try to spend my wisely.

AND, I really will get openproxy out soon, I PROMISE. 
Once we/I've done the VulnXML and integrated what we
have so far... it'll be a nice little testing utility.

Warm regards,
-Steve Taylor ( stealth... BAH! )

--- Mark Curphey <mark at curphey.com> wrote:
> Hi Guys
> I spent some time on the phone today with a few of
> you and I think there are generally a few things I
> (we) can probably do a little better. 
> Alex and I are going to take a first stab at a
> strawman of a few guidelines that will make all of
> our lives easier, which we will circulate for
> discussion in a week or so.
> In the meantime I wonder if everyone on this list
> can re-introduce themselves. There are some new
> people on the list, others don't know each other as
> well as I know you all and quite frankly I haven't
> done a good job of introducing people. Perhaps a
> paragraph about your background, what you do for a
> living and some details of the OWASP projects you
> are working on or have worked on. Maybe some words
> about your ideas of what we could do better as well
> might be good for discussion. 
> I will send mine when I get back home later today.
> Thanks
> Mark
> This SF.NET email is sponsored by: Take your first
> step towards giving 
> your online business a competitive advantage.
> Test-drive a Thawte SSL 
> certificate - our easy online guide will show you
> how. Click here to get 
> started:
> _______________________________________________
> Owasp-leaders mailing list
> Owasp-leaders at lists.sourceforge.net

More information about the OWASP-Leaders mailing list