[Owasp-leaders] OWASP Security Code Review Guide v1.1

kuai hinojosa kuai.hinojosa at owasp.org
Mon Mar 30 13:36:30 EDT 2009


Any word on how we should proceed on using the free online event  
planner? Let me know.


On Mar 30, 2009, at 1:22 PM, Kate Hartmann wrote:

> OWASP Releases World’s First Security Code Review Guide for Free
> The OWASP Foundation, March 30, 2009 – The Open Web Application  
> Security Project (OWASP) today announced the official release of the  
> free OWASP Security Code Review Guide v1.1. The Code Review Guide  
> provides details on how to review code for all sorts of application  
> vulnerabilities. Together with the OWASP Security Developer Guide  
> and OWASP Security Testing Guide, OWASP has created a powerful suite  
> of books that covers most of what people need to know about  
> application security. The 216-page book can be downloaded from the  
> OWASP website or a bound copy can be ordered for the cost of printing.
> The Code Review Project is led by longtime OWASP participant Eoin  
> Keary from Dublin, Ireland. Like all OWASP projects, the work is  
> performed by Eoin’s team in a free and open manner, and coordinated  
> via the OWASP wiki and project mailing list. Everyone is welcome to  
> download the guide and benefit from OWASP’s research. You can also  
> join the project and contribute to making the guide even better.
> “Despite the many claims that code review is too expensive or time  
> consuming, there is no question that it is the fastest and most  
> accurate way to find and diagnose many security problems. There are  
> also dozens of serious security problems that simply can't be found  
> any other way,” said OWASP Chair Jeff Williams. “Still, code review  
> is no panacea. Static tools, dynamic tools, and manual testing all  
> have an important role to play in verifying the security of an  
> application.”
> There is overwhelming evidence that the vast majority of web  
> applications contain security holes that are increasingly putting  
> people and organizations at serious risk. Our Code Review Guide is  
> one part of OWASP’s strategy to make application security visible  
> and enable the market to support the development of secure  
> application software.
> OWASP is a free and open community that focuses on improving  
> application security. Join the thousands of organizations that are  
> using OWASP guidance to run a responsible application security  
> program. Anyone can join our community and use our free tools and  
> documents, attend our free conferences and local chapter meetings,  
> and join projects to make the world’s software safe for the Internet.
> About OWASP - The Open Web Application Security Project (OWASP) is an  
> open community dedicated to enabling organizations to develop,  
> purchase, and maintain applications that can be trusted. All of the  
> OWASP tools, documents, forums, and chapters are free and open to  
> anyone interested in improving application security. We advocate  
> approaching application security as a people, process, and  
> technology problem because the most effective approaches to  
> application security include improvements in all of these areas. We  
> can be found at http://www.owasp.org.
> Contact: owasp at owasp.org
> Kate Hartmann
> OWASP Operations Director
> 9175 Guilford Road
> Suite 300
> Columbia, MD  21046
> 301-275-9403
> kate.hartmann at owasp.org
> Skype:  kate.hartmann1
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
