[Owasp-leaders] CWE/SANS Top 25 Most Dangerous Programming Errors

Jeff Williams jeff.williams at aspectsecurity.com
Tue Jan 13 07:24:15 EST 2009


I helped them out with this but didn't intend for them to assume an  
organizational endorsement.  Even though it's basically the top ten +  
buffer overflows, it helps our mission.

--Jeff




On Jan 13, 2009, at 12:34 AM, "Marcin Wielgoszewski"  
<marcin at owasp.org> wrote:

> Today SANS in conjunction with MITRE have released the CWE/SANS Top  
> 25 Most Dangerous Programming Errors [1].
>
> It appears OWASP Foundation has made an official statement  
> supporting this initiative:
> OWASP Foundation:
> "When facing a huge application portfolio that could contain many  
> thousands of instances of over 700 different types of weaknesses,  
> knowing where to start is a daunting task. Done right, stamping out  
> the CWE Top 25 can not only make you significantly more secure but  
> can cut your software development costs."
> - Jeff Williams, Aspect Security CEO and The OWASP Foundation Chair
>
> [1] http://www.sans.org/top25errors/
>
>
> Thoughts?  How does this affect the OWASP Top 10 Project?  I'll  
> reserve comment for the time being.
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090113/95ff9afe/attachment.html 


More information about the OWASP-Leaders mailing list