[Owasp-leaders] 2010 Elections

Puneet Mehta puneet.mehta at owasp.org
Wed Dec 3 10:02:46 EST 2008


and the reputation loss if it gets defaced...

On Tue, Dec 2, 2008 at 11:57 PM, kuai hinojosa <kuai.hinojosa at owasp.org>wrote:

> And don't forget liabilities...
>
>  On Dec 2, 2008, at 12:02 PM, Mandeep Khera wrote:
>
>  I have to agree with Fabio here. Giving certifications to Web sites is
> like a putting a bulls eye on the site for hackers as we have seen with some
> seals out there including McAfee and others. It requires a lot of work to
> make sure that the Web sites are secure and even then it's not always
> hundred percent.
>
>
> *Mandeep Khera*
> Chief Marketing Officer
> Cenzic, Inc.
> *****www.cenzic.com********** | (866) 423-6942*
> 455 El Camino Real, Ste. 100
> Santa Clara, CA 95050
> *Phone:* (408) 200-0712
> *Email:  mandeep at cenzic.com*
> *Fax:* (408) 200-0701
>
> #1 in Enterprise Web Application Vulnerability Assessment and Risk
> Management
> SC Magazine* Best Buy*
> http://www.cenzic.com/downloads/pdf/SC_magazine_04-2008.pdf
> *Gartner Video: Web App Security
> https://www.cenzic.com/landing/GartnerVideo/*
>
>
>
>  ------------------------------
> *From:* owasp-leaders-bounces at lists.owasp.org [
> mailto:owasp-leaders-bounces at lists.owasp.org<owasp-leaders-bounces at lists.owasp.org>]
> *On Behalf Of *fabio.e.cerullo at aib.ie
> *Sent:* Tuesday, December 02, 2008 1:53 AM
> *To:* McGovern, James F (HTSC, IT)
> *Cc:* OWASP-Leaders at lists.owasp.org
> *Subject:* Re: [Owasp-leaders] 2010 Elections
>
>
> you are suggesting risky waters there... imagine if the website is defaced
> and the OWASP badge is sitting at the bottom of their site?
>
> also, that would mean continuosly monitoring these websites as new
> vulnerabilities are discovered.
>
> Mcafee already run into trouble thanks to their Hacker Safe certificate...
>
> http://attrition.org/errata/sec-co/mcafee07.html
>
> Fabio Cerullo
> Information Security
> Bankcentre D1,
> Ballsbridge,
> Dublin 4,
> Ireland.
>
> Tel: +353 1 642 6309
> Email: fabio.e.cerullo at aib.ie
>
>
>
>   *"McGovern, James F (HTSC, IT)" <James.McGovern at thehartford.com>*
> Sent by: owasp-leaders-bounces at lists.owasp.org
>
> 01/12/2008 18:08
>
>         To:        <OWASP-Leaders at lists.owasp.org>
>         cc:
>         Subject:        [Owasp-leaders] 2010 Elections
>
>
>
>
> I had another half-baked idea for a 2009 project and wanted to get
> reactions from others. Many folks are aware that Barack Obama raised a lot
> of money for his Presidential campaign via his website. Likewise, his
> website was under attack. What would we think if we as members of OWASP
> helped senators, congressman, etc in a non-partisan way audit their websites
> at no charge and do so in exchange for an OWASP badge at the bottom of their
> site.
>
> We all make fun of those websites that display badges indicating 128-bit
> SSL but need to noodle whether the badging strategy could work for OWASP as
> a way to spread brand in a controlled manner. Bringing a higher-level
> badging strategy would be beneficial to the industry. Imagine a badge
> indicating that they are OWASP Top Ten compliant where upon clicking it, we
> could explain security to average users...
> ************************************************************
> This communication, including attachments, is for the exclusive use of
> addressee and may contain proprietary, confidential and/or privileged
> information.  If you are not the intended recipient, any use, copying,
> disclosure, dissemination or distribution is strictly prohibited.  If you
> are not the intended recipient, please notify the sender immediately by
> return e-mail, delete this communication and destroy all copies.
> ************************************************************
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> ******************************************************
> This document is strictly confidential and is intended for use by the addressee unless otherwise indicated.
>
> This email has been scanned by an external email security system.
>
> Allied Irish Banks
>
> AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Financial Regulator.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173
>
> Please consider the environment before printing this e-mail.
> ******************************************************
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Puneet Mehta CISSP CISA CEH CPTS BS7799 LA
OWASP Delhi Board
_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-leaders/attachments/20081203/ce7a38c3/attachment-0001.html 


More information about the OWASP-Leaders mailing list