[Owasp-leaders] HELP! HELP! HELP! >>>> OWASP Secure Coding Practices - Quick Reference Guide >>>> We need Volunteers - Reviewers

Brad Causey bradcausey at owasp.org
Thu Sep 2 19:38:38 EDT 2010


Glad to see such enthusiasm.
Lets harness it!

-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP

http://www.owasp.org
--
"Si vis pacem, para bellum"
--


On Thu, Sep 2, 2010 at 5:10 PM, Jeff Williams <jeff.williams at owasp.org>wrote:

> I suggest a review against the guides and ASVS would productive.
>
> --Jeff
>
>
>
> On Sep 2, 2010, at 1:29 PM, "James McGovern" <JMcGovern at virtusa.com>
> wrote:
>
>  My extensive feedback on this has been sent to the secure coding
> practices mailing list…
>
>
>
> *James McGovern
> *Insurance SBU
>
> *Virtusa **Corporation***
>
> 100 Northfield Drive, Suite 305 | Windsor, CT | 06095
>
> *Phone:  *860 688 9900 *Ext:  *1037 | *Facsimile:  *860 688 2890  | *Mobile:
> *860 242 1050
>
> <http://www.virtusa.com/>
>
>
>  <http://www.virtusa.com/>  <http://www.virtusa.com/blog/>
>
>
> <http://www.virtusa.com/blog/> <https://twitter.com/VirtusaCorp>
>
>
> <https://twitter.com/VirtusaCorp> <http://www.linkedin.com/companies/virtusa>
>
>
> <http://www.linkedin.com/companies/virtusa> <http://www.facebook.com/VirtusaCorp>
>
>
> <http://www.facebook.com/VirtusaCorp>
>
>
>
> *From:* owasp-leaders-bounces at lists.owasp.org [mailto:
> owasp-leaders-bounces at lists.owasp.org] *On Behalf Of *Michael V. Scovetta
> *Sent:* Thursday, September 02, 2010 12:04 PM
> *To:* <owasp-leaders at lists.owasp.org>owasp-leaders at lists.owasp.org
> *Subject:* Re: [Owasp-leaders] HELP! HELP! HELP! >>>> OWASP Secure Coding
> Practices - Quick Reference Guide >>>> We need Volunteers - Reviewers
>
>
>
> I would also be happy to give the guide a once over.
>
>
>
> Thanks--
>
>
>
> Mike
>
> On Thu, Sep 2, 2010 at 11:07 AM, Jim Manico < <jim.manico at owasp.org>
> jim.manico at owasp.org> wrote:
>
> One quick note: this guide gives dangerous advice (HTML Entity Encode all
> data sent to the client). It should advise contextual encoding.
>
> Jim Manico
>
> <jim at manico.net>jim at manico.net
>
>
> On Sep 2, 2010, at 1:30 AM, "Paulo Coimbra" < <paulo.coimbra at owasp.org>
> paulo.coimbra at owasp.org> wrote:
>
>  Leaders,
>
>
>
> We have called before for volunteers to review the recently created *OWASP
> Secure Coding Practices - Quick Reference Guide*, led by *Keith Turpin *and
> had none positive responses.
>
>
>
> Please glance at this important project, which is a Boeing donation, and
> consider volunteering to act as Reviewer alongside Matt Tesauro to assess
> whether or not we can consider it as being of Stable quality.
>
>
>
> Please note the assessment process is not that complex and simply consists
> in answering the questions posed in the following link:
>
>
>
>
> <http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/SCP_v1/Assessment#tab=First_Reviewer>
> http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/SCP_v1/Assessment#tab=First_Reviewer
>
>
>
>  Please do let us know if you are up to take the challenge. To do so,
> please fill in the following link using one of the available positions aka
> volunteers[1-10].
>
>
>
>
> <http://www.owasp.org/index.php/OWASP_Project_Reviewers_Database#tab=Project_Reviewers.2FVolunteers>
> http://www.owasp.org/index.php/OWASP_Project_Reviewers_Database#tab=Project_Reviewers.2FVolunteers
>
>
>
> Many thanks, regards,
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>
>
>
> *From:* Paulo Coimbra [mailto: <paulo.coimbra at owasp.org>
> paulo.coimbra at owasp.org]
> *Sent:* terça-feira, 31 de Agosto de 2010 20:30
> *To:* ' <%27owasp-leaders at lists.owasp.org>owasp-leaders at lists.owasp.org'
> *Subject:* I am glad to announce I’ve just set a new project up – the
> OWASP Secure Coding Practices - Quick Reference Guide, led by Keith Turpin.
> Please welcome him!
>
>
>
> Leaders,
>
>
>
> I am glad to announce I’ve just set a new project up – the *OWASP Secure
> Coding Practices - Quick Reference Guide*, led by *Keith Turpin*.* *Please
> welcome him!
>
> * *
>
>
> <http://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide#tab=Project_About>
> http://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide#tab=Project_About
>
>
>
> <http://www.owasp.org/index.php/User:Keith_Turpin>
> http://www.owasp.org/index.php/User:Keith_Turpin
>
>
>
> As always, your suggestions and contributions would be greatly appreciated.
>
>
>
>
> In addition, this project already has a very mature release, *OWASP Secure
> Coding Practices - Quick Reference Guide/Version 1.0, *which* *is* *under
> formal assessment and seeking Stable Release status.
>
>
>
>
> <http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/Current>
> http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/Current
>
>
>
>
> <http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/SCP_v1/Assessment>
> http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide/Releases/SCP_v1/Assessment
>
>
>
> What’s more, Matt Tesauro already volunteered to act as Second Reviewer in
> his quality of Board Member but we are still in need of a First Reviewer.
> Please do let us know if you are up to take the challenge. To do so, please
> fill in the following link using one of the available positions aka
> volunteers[1-10].
>
>
>
>
> <http://www.owasp.org/index.php/OWASP_Project_Reviewers_Database#tab=Project_Reviewers.2FVolunteers>
> http://www.owasp.org/index.php/OWASP_Project_Reviewers_Database#tab=Project_Reviewers.2FVolunteers
>
>
>
> Many thanks, regards,
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>
>
>
>   _______________________________________________
> OWASP-Leaders mailing list
>  <OWASP-Leaders at lists.owasp.org>OWASP-Leaders at lists.owasp.org
>  <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
>  <OWASP-Leaders at lists.owasp.org>OWASP-Leaders at lists.owasp.org
>  <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
> --
> -[ Michael Scovetta ]-
>
> Virtusa was recently ranked and featured in 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list, 2009 Deloitte Technology Fast 500 and 2009 Dataquest-IDC Best Employers Survey among others.
>
> ---------------------------------------------------------------------------------------------
>
> This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.
>
> ---------------------------------------------------------------------------------------------
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100902/5e947abc/attachment.html 


More information about the OWASP-Leaders mailing list