[Owasp-leaders] Owasp projects reboot

John Wilander john.wilander at owasp.org
Sun Apr 1 08:22:42 UTC 2012


+1 on Jim's list of three to start with.

Also, I'm not sure we should only look at funding original projects. As an example I've been working on my OWASP 1-Liner system for one and a half years. I built it to facilitate my appsec talks. It's a web 2.0 app with a RESTful Java backend. Has XSS, clickjacking, CSRF but also protective stuff like double submit filter, CSP header, XFO header, HSTS header and AntiSamy. I can't count the number of times I've been asked to release it but I've failed so far. Would *love* to work with the WebGoat people (and more) to make OWASP 1-Liner the second generation WebGoat and/or an official OWASP demo application.

   Regards, John

-- 
My music http://www.johnwilander.com
Twitter https://twitter.com/johnwilander
CV or Résumé http://johnwilander.se

31 mar 2012 kl. 16:31 skrev "Dennis Groves, MSc" <dennis.groves at owasp.org>:

> 
> +1
> 
> On 31 Mar 2012, at 14:46, Jim Manico wrote:
> 
>> Yah Eoin, I have a real problem with being vocal... *cough*
>> 
>> Anyhow. I think we should reduce scope a little here. I say, let's just focus on the three main guides for pass one and see how that goes before further investment. These three really are the core of OWASP and they are crusty at best.
>> 
>> Testing guide
>> Development Guide
>> Code Review Guide
>> 
>> That's my 2 cents. You asked! :D
>> 
>> Aloha Eoin and team,
>> -- 
>> Jim Manico
>> 
>> Connections Committee Chair
>> Cheatsheet Series Product Manager
>> OWASP Podcast Producer/Host
>> 
>> jim at owasp.org
>> www.owasp.org
>>> Thanks jim,
>>> Leaders let ur voice be heard.
>>> 
>>> 
>>> I'll compile votes on tuesday and announce which projects make the initial cut for the first round of funding&  reboot!!!!
>>> 
>>> These projects shall be included in the proposal for the board.
>>> 
>>> Leaders, I ask you all to support this initiative.
>>> 
>>> "we are nothing without our projects"
>>> 
>>> 
>>> 
>>> Eoin Keary
>>> BCC Risk Advisory
>>> Owasp Global Board
>>> +353 87 977 2988
>>> 
>>> 
>>> On 31 Mar 2012, at 13:56, Jim Manico<jim at manico.net>  wrote:
>>> 
>>>> My vote:
>>>> 
>>>> Testing guide
>>>> Development Guide
>>>> Code Review Guide
>>>> App Sensor
>>>> ZAP
>>>> Cheet Sheets
>>>> 
>>>> -- 
>>>> Jim Manico
>>>> 
>>>> Connections Committee Chair
>>>> Cheatsheet Series Product Manager
>>>> OWASP Podcast Producer/Host
>>>> 
>>>> jim at owasp.org
>>>> www.owasp.org
>>>> 
>>>>> Hello leaders,
>>>>> I am developing a proposal to be put to the board next week in relation to rebooting a number of dormant owasp projects or improving current owasp projects to "production quality" items.
>>>>> 
>>>>> Question: May I kindly ask what projects do you think are the 6 most important projects within the foundation???
>>>>> 
>>>>> Can you respond with your top 6 by Monday, sorry for being demanding :)
>>>>> 
>>>>> (My choices are: testing guide, development guide, code review guide, O2, Zap, cheat sheets.)
>>>>> 
>>>>> "we are nothing without our projects."
>>>>> 
>>>>> Eoin.
>>>>> 
>>>>> 
>>>>> Eoin Keary
>>>>> Owasp Global Board
>>>>> +353 87 977 2988
>>>>> 
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> -- 
> [Dennis Groves](http://about.me/dennis.groves), MSc
> [dennis.groves at gmail.com](mailto:dennis.groves at gmail.com)
> 
> *"What is the use of living, if it be not to strive for noble causes and make this muddled world a better place for those who will live in it after we have gone."* -- Winston Churchill, October 10th, 1908
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list