[Owasp-leaders] OWASP/WASC SAST Criteria

Paulo Coimbra paulo.coimbra at owasp.org
Tue Jan 25 10:14:13 EST 2011


It goes without saying, if you need a project page set up please just drop
me a line. 

Thanks,
- Paulo


Paulo Coimbra,
OWASP Project Manager


> >-----Original Message-----
> >From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-
> >bounces at lists.owasp.org] On Behalf Of Jim Manico
> >Sent: terça-feira, 25 de Janeiro de 2011 13:28
> >To: tomb at owasp.org; owasp-leaders at lists.owasp.org
> >Cc: owasp-leaders at lists.owasp.org
> >Subject: Re: [Owasp-leaders] OWASP/WASC SAST Criteria
> >
> >This can be an OWASP and a WASC project! :) Both of our sites should
> >have projects pages that cross link to each other.
> >
> >I would like to let WASC drive the process  - they have a commitment
> >to quality that is central to their culture. It would be a good
> >experience for us to work with them, IMO, and see how they roll.
> >
> >We have a lot of great people at OWASP with significant experience in
> >this part of the field. We have the "numbers" that could make this
> >work with solid depth and objectivity.
> >
> >I'm going to start moving on this, I will keep you all posted on our
> >progress.
> >
> >PS: I've have 6 folks email me so far on this. Not bad for 5 minutes
> >or so.
> >
> >-Jim Manico
> >http://manico.net
> >
> >On Jan 25, 2011, at 5:14 AM, "Tom Brennan" <tomb at owasp.org> wrote:
> >
> >> Excellent, we need more of these type of efforts globally Jim.
> >Ideally we would want to have a owasp project set up to track it and
> >give it globally visibility.
> >>
> >>
> >> -----Original Message-----
> >> From: Ryan Barnett <ryan.barnett at owasp.org>
> >> Sender: owasp-leaders-bounces at lists.owasp.org
> >> Date: Tue, 25 Jan 2011 08:08:13
> >> To: owasp-leaders at lists.owasp.org<owasp-leaders at lists.owasp.org>
> >> Reply-To: owasp-leaders at lists.owasp.org
> >> Subject: Re: [Owasp-leaders] OWASP/WASC SAST Criteria
> >>
> >> So this will be like WASSEC but for SAST instead of DAST?  Sounds
> >good to me.
> >>
> >> --
> >> Ryan Barnett
> >>
> >>
> >> On Jan 25, 2011, at 7:57 AM, "Jim Manico" <jim.manico at owasp.org>
> >wrote:
> >>
> >>> Hello all,
> >>>
> >>> I'm working with the folks at WASC to define a SAST (static
> >analysis) tool evaluation criteria and benchmark suite. This is not an
> >actual tool study - just a project to set up public evaluation
> >criteria.
> >>>
> >>> I think this is a marvelous way for OWASP and WASC to collaborate.
> >>>
> >>> If you are interested in participating (and have significant
> >expertise in this area) please contact me off list.
> >>>
> >>> OWASP Board : Are you ok with this project? I think everyone
> >involved wants this to be objective criteria. We could certainly
> >help...
> >>>
> >>> -Jim Manico
> >>> http://manico.net
> >>> _______________________________________________
> >>> OWASP-Leaders mailing list
> >>> OWASP-Leaders at lists.owasp.org
> >>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >>>
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >_______________________________________________
> >OWASP-Leaders mailing list
> >OWASP-Leaders at lists.owasp.org
> >https://lists.owasp.org/mailman/listinfo/owasp-leaders



More information about the OWASP-Leaders mailing list