[Owasp-leaders] 2010 Elections

kuai hinojosa kuai.hinojosa at owasp.org
Tue Dec 2 13:27:49 EST 2008


And don't forget liabilities...

On Dec 2, 2008, at 12:02 PM, Mandeep Khera wrote:

> I have to agree with Fabio here. Giving certifications to Web sites  
> is like a putting a bulls eye on the site for hackers as we have  
> seen with some seals out there including McAfee and others. It  
> requires a lot of work to make sure that the Web sites are secure  
> and even then it's not always hundred percent.
>
> Mandeep Khera
> Chief Marketing Officer
> Cenzic, Inc.
> www.cenzic.com | (866) 423-6942
> 455 El Camino Real, Ste. 100
> Santa Clara, CA 95050
> Phone: (408) 200-0712
> Email:  mandeep at cenzic.com
> Fax: (408) 200-0701
>
> #1 in Enterprise Web Application Vulnerability Assessment and Risk  
> Management
> SC Magazine Best Buy http://www.cenzic.com/downloads/pdf/SC_magazine_04-2008.pdf
> Gartner Video: Web App Security
> https://www.cenzic.com/landing/GartnerVideo/
>
>
>
>
> From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-bounces at lists.owasp.org 
> ] On Behalf Of fabio.e.cerullo at aib.ie
> Sent: Tuesday, December 02, 2008 1:53 AM
> To: McGovern, James F (HTSC, IT)
> Cc: OWASP-Leaders at lists.owasp.org
> Subject: Re: [Owasp-leaders] 2010 Elections
>
>
> you are suggesting risky waters there... imagine if the website is  
> defaced and the OWASP badge is sitting at the bottom of their site?
>
> also, that would mean continuosly monitoring these websites as new  
> vulnerabilities are discovered.
>
> Mcafee already run into trouble thanks to their Hacker Safe  
> certificate...
>
> http://attrition.org/errata/sec-co/mcafee07.html
>
> Fabio Cerullo
> Information Security
> Bankcentre D1,
> Ballsbridge,
> Dublin 4,
> Ireland.
>
> Tel: +353 1 642 6309
> Email: fabio.e.cerullo at aib.ie
>
>
>
> "McGovern, James F (HTSC, IT)" <James.McGovern at thehartford.com>
> Sent by: owasp-leaders-bounces at lists.owasp.org
> 01/12/2008 18:08
>
>
>         To:        <OWASP-Leaders at lists.owasp.org>
>         cc:
>         Subject:        [Owasp-leaders] 2010 Elections
>
>
>
>
> I had another half-baked idea for a 2009 project and wanted to get  
> reactions from others. Many folks are aware that Barack Obama raised  
> a lot of money for his Presidential campaign via his website.  
> Likewise, his website was under attack. What would we think if we as  
> members of OWASP helped senators, congressman, etc in a non-partisan  
> way audit their websites at no charge and do so in exchange for an  
> OWASP badge at the bottom of their site.
>
> We all make fun of those websites that display badges indicating 128- 
> bit SSL but need to noodle whether the badging strategy could work  
> for OWASP as a way to spread brand in a controlled manner. Bringing  
> a higher-level badging strategy would be beneficial to the industry.  
> Imagine a badge indicating that they are OWASP Top Ten compliant  
> where upon clicking it, we could explain security to average users...
> ************************************************************
> This communication, including attachments, is for the exclusive use  
> of addressee and may contain proprietary, confidential and/or  
> privileged information.  If you are not the intended recipient, any  
> use, copying, disclosure, dissemination or distribution is strictly  
> prohibited.  If you are not the intended recipient, please notify  
> the sender immediately by return e-mail, delete this communication  
> and destroy all copies.
> ************************************************************
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> ******************************************************
> This document is strictly confidential and is intended for use by  
> the addressee unless otherwise indicated.
>
> This email has been scanned by an external email security system.
>
> Allied Irish Banks
>
> AIB and AIB Group are registered business names of Allied Irish  
> Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the  
> Financial Regulator.  Registered Office: Bankcentre, Ballsbridge,  
> Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered  
> No. 24173
>
> Please consider the environment before printing this e-mail.
> ******************************************************
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-leaders/attachments/20081202/fdf2195c/attachment.html 


More information about the OWASP-Leaders mailing list