[Owasp-leaders] OWASP/WASC SAST Criteria

L. Gustavo C. Barbato lgbarbato at owasp.org
Tue Jan 25 08:53:55 EST 2011


You can also count on me.

L. Gustavo C. Barbato 
<http://www.owasp.org/index.php/User:Gustavo_Barbato>, Ph.D.
Chapter Leader, OWASP Porto Alegre 
<http://www.owasp.org/index.php/Porto_Alegre> / Brazil 
<http://www.owasp.org/index.php/Category:Brasil>
Global Chapter Committee Member 
<http://www.owasp.org/index.php/Global_Chapter_Committee>


On 01/25/2011 11:28 AM, Jim Manico wrote:
> This can be an OWASP and a WASC project! :) Both of our sites should have projects pages that cross link to each other.
>
> I would like to let WASC drive the process  - they have a commitment to quality that is central to their culture. It would be a good experience for us to work with them, IMO, and see how they roll.
>
> We have a lot of great people at OWASP with significant experience in this part of the field. We have the "numbers" that could make this work with solid depth and objectivity.
>
> I'm going to start moving on this, I will keep you all posted on our progress.
>
> PS: I've have 6 folks email me so far on this. Not bad for 5 minutes or so.
>
> -Jim Manico
> http://manico.net
>
> On Jan 25, 2011, at 5:14 AM, "Tom Brennan"<tomb at owasp.org>  wrote:
>
>> Excellent, we need more of these type of efforts globally Jim.  Ideally we would want to have a owasp project set up to track it and give it globally visibility.
>>
>>
>> -----Original Message-----
>> From: Ryan Barnett<ryan.barnett at owasp.org>
>> Sender: owasp-leaders-bounces at lists.owasp.org
>> Date: Tue, 25 Jan 2011 08:08:13
>> To: owasp-leaders at lists.owasp.org<owasp-leaders at lists.owasp.org>
>> Reply-To: owasp-leaders at lists.owasp.org
>> Subject: Re: [Owasp-leaders] OWASP/WASC SAST Criteria
>>
>> So this will be like WASSEC but for SAST instead of DAST?  Sounds good to me.
>>
>> --
>> Ryan Barnett
>>
>>
>> On Jan 25, 2011, at 7:57 AM, "Jim Manico"<jim.manico at owasp.org>  wrote:
>>
>>> Hello all,
>>>
>>> I'm working with the folks at WASC to define a SAST (static analysis) tool evaluation criteria and benchmark suite. This is not an actual tool study - just a project to set up public evaluation criteria.
>>>
>>> I think this is a marvelous way for OWASP and WASC to collaborate.
>>>
>>> If you are interested in participating (and have significant expertise in this area) please contact me off list.
>>>
>>> OWASP Board : Are you ok with this project? I think everyone involved wants this to be objective criteria. We could certainly help...
>>>
>>> -Jim Manico
>>> http://manico.net
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110125/48ebc0cc/attachment-0001.html 


More information about the OWASP-Leaders mailing list