[Owasp-leaders] Owasp Source Code Flaws Top 10 Project

Eduardo V. C. Neves eduardo.neves at owasp.org
Mon Dec 15 10:36:42 EST 2008


Great initiative Paolo, I am already subscribed to the list and hope  
to help you.

best regards,

Eduardo

On Dec 15, 2008, at 12:10 PM, Paolo Perego wrote:

> Hello leaders, I'm really happy to announce a new documentation  
> project I started today. Our Top 10 most critical web app  
> vulnerabilities is the standard de facto when trying to summarize  
> findings when you assess a web application. And it is great.
>
> Looking at source code assessment (or code review, or static  
> analysis, or whatever the name you want to use :-)), nothing like  
> this exists. Gary McGraw introduced the 7 kingdoms as taxonomy. I  
> started looking at this great job extending it to meet Owasp Top 10  
> like template.
> I also used categories that I found useful to gather security code  
> review findings in.
>
> That's why I started this Top 10 project. The goal is to provide  
> something useful in Owasp Code Review Guide while trying to organize  
> security issues and the second goal is to use it as Owasp Orizon  
> default library cookbooks in order to have a "fil rouge" from Code  
> review guide and the implementing tool. The Source code flaws Top 10  
> will be that fil rouge.
>
> I really hope that everyone interested will subscribe to mailing  
> list and give some contributions to this document I'd like to  
> release as beta quality project in the next AppSec Europe 2009 in  
> Cracow.
>
> Link: http://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project
> Roadmap: http://www.owasp.org/index.php/Category:OWASP_Source_Code_Flaws_Top_10_Project_Roadmap
> Mailinglist subscription page: https://lists.owasp.org/mailman/listinfo/owasp-source-code-flaws-top-10
>
> Regards
> thesp0nge
> -- 
> "stay hungry, stay foolish"
>
> OWASP Orizon project, http://orizon.sourceforge.net
> "enjoy your code review experience"
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20081215/37c51e1d/attachment.html 


More information about the OWASP-Leaders mailing list