[Owasp-leaders] Reaching developers = cooperative hackathons

Sherif Koussa sherif.koussa at gmail.com
Fri Sep 10 10:44:07 EDT 2010


I am not a mobile security expert, but I would like to collaborate in this
effort.

Regards,
Sherif

On Fri, Sep 10, 2010 at 10:34 AM, Dave Wichers <dave.wichers at owasp.org>wrote:

>  I’d be happy to see both styles of Top 10’s developed.
>
>
>
> Regarding the Top 10 for Mobile. I’d love for a group of mobile security
> experts to explore whether it truly is different than the existing Top 10
> and why. And then let us know what they have discovered and have that
> reviewed by the community. If the rough consensus is that it is truly
> different, then it would be great to write one. If the consensus is that it
> is very similar, maybe we should write an ‘interpretation’ of the Top 10 in
> the Mobile environment, or if, we decide its essentially the same set of
> risks, then we should state that publicly on the wiki.
>
>
>
> I don’t know which way it will fall, but I’d love to hear what people think
> on this subject.
>
>
>
> -Dave
>
>
>
> *From:* owasp-leaders-bounces at lists.owasp.org [mailto:
> owasp-leaders-bounces at lists.owasp.org] *On Behalf Of *Jim Manico
> *Sent:* Thursday, September 09, 2010 11:58 AM
>
> *To:* owasp-leaders at lists.owasp.org
> *Subject:* Re: [Owasp-leaders] Reaching developers = cooperative
> hackathons
>
>
>
> More importantly, I think we need to put •language specific• Top Tens' out
> front.
>
>
>
> OWASP Top Ten for PHP
>
> OWASP Top Ten for Java
>
> Etc
>
>
>
> This will help OWASP reach developers in a more prolific way.
>
> -Jim Manico
>
> http://manico.net
>
>
> On Sep 9, 2010, at 5:19 AM, Sherif Koussa <sherif.koussa at gmail.com> wrote:
>
>  Would the leaders think there is value in starting a Top Ten for Mobile
> Applications? Or would that lie sort of outside the boundaries of OWASP
> since they might not typically be "web" applications?
>
>
> Regards,
>
> Sherif
>
>
>
> On Wed, Sep 8, 2010 at 10:38 AM, Dave Wichers <dave.wichers at owasp.org>
> wrote:
>
> I would like to see more top ten lists and I think this is a reasonable
> list to shoot for.  And I hope it would echo similar sentiments that are
> presented by the OWASP Guide. And if not, they should be synced up.
>
>
>
> I still want to get a real Top Ten for Web Services done. We took a shot
> back in 2008 but I haven’t had the energy to really get it completed.
>
>
>
> -Dave
>
>
>
> Dave Wichers
>
> OWASP Top 10 Project Lead
>
>
>
> *From:* owasp-leaders-bounces at lists.owasp.org [mailto:
> owasp-leaders-bounces at lists.owasp.org] *On Behalf Of *James McGovern
> *Sent:* Wednesday, September 08, 2010 8:41 AM
>
>
> *To:* owasp-leaders at lists.owasp.org
>
> *Subject:* Re: [Owasp-leaders] Reaching developers = cooperative
> hackathons
>
>
>
> Does anyone else think starting a project to create a Top Ten list for
> Software Architects has merit? Since my past project of starting a
> certification resulted in a fail, I am game to try again and see if we can
> create a win…
>
>
>
> *James McGovern
> *Insurance SBU
>
> *Virtusa **Corporation*
>
> 100 Northfield Drive, Suite 305 | Windsor, CT | 06095
>
> *Phone:  *860 688 9900 *Ext:  *1037 | *Facsimile:  *860 688 2890
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100910/fd66aa5a/attachment.html 


More information about the OWASP-Leaders mailing list