[Owasp-leaders] Fwd: OWASP XSS CAMPAIGN

Venkatesh Jagannathan venki at owasp.org
Mon Oct 4 04:56:31 EDT 2010


FYI/A ...

---------- Forwarded message ----------
From: Tom Brennan <tomb at owasp.org>
Date: Sat, Sep 25, 2010 at 7:28 PM
Subject: OWASP XSS CAMPAIGN
To: owasp-leaders <owasp-leaders at owasp.org>


We ALL really hate XSS its a lame finding at this point for many..

Last night over beers in NYC there were a few smirks that PCI leader Visa
and other banks are "on the list" this week

http://xssed.com/archive/special=1

See VISA (9/19/2010)

Instead of being part of a problem -- I rather be part of solutions
that benefit the OWASP global mission.

I propose *AWARENESS WEEK starting right now* -  WE globally make a effort
to raise some attention for OWASP Worldwide using this issue for a
awareness campaign on blogs, articles, twitter interviews etc.. get the word
out.    By promotion of the "sexy hacked" headline news grabbing xss stuff
we can help raise awareness of local chapters - additional visibility for
application security (Our mission BTW) and once again reinforce that OWASP
Foundation is a lighthouse and resource for the concerned to attend our
events, read the guides.

This is how OWASP can "market" our professional association, gain more
respect from Industry as the good-guys here to help.

Knowledge:

Conferences coming up -
http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference
Local chapter meetings -
http://www.owasp.org/index.php/Category:OWASP_Chapter#Local_Chapters

and projects in the works to help those that want help -
http://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OWASP-DV-001)


I know we are preaching to the choir at OWASP about XSS but the general
public is NOT AWARE OF THE IMPACT combined others from the Top 10 ie CSRF

Thank you in advance for getting on your soap box and contribution to this
awareness campaign.

Tom Brennan
Direct: 973-202-0122
Skype: proactiverisk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101004/cca95a53/attachment.html 


More information about the OWASP-Leaders mailing list