[Owasp-leaders] Owasp projects reboot

Eoin eoin.keary at owasp.org
Sun Apr 1 11:32:44 UTC 2012


Cheers Andrew.


Eoin Keary
BCC Risk Advisory
Owasp Global Board
+353 87 977 2988


On 1 Apr 2012, at 10:55, Andrew van der Stock <vanderaj at owasp.org> wrote:

> Hi all,
> 
> I think this is a great idea. I would be up for a revision of the OWASP Developer Guide. But I am not an island, I would need help. In particular, I think we need to hit a few different output mechanisms. I've looked into iBooks Author and we can provide a freebie download from the OWASP website for folks with iPads without losing our distribution or other rights. As long as the material has a single source of truth that allows low barriers to entry for collaboration and revision control, I don't think we need to make the process of contributing too onerous. 
> 
> My hit list if you had a large bucket of cash:
> 
> {Dev, test, code} Guides (call me biased)
> ESAPI for {Java, .NET, PHP} (again biased)
> 
> We also need to fund the development of new materials on the oft forgotten but really fundamental left hand side of equation
> 
> Education project, in particular take my sorta two day dev deck and really give it a good polish and some train the trainer videos so folks can give it all over the world
> Top 10 Proactive Controls (again I'm pretty biased)
> OWASP Architecture and Design Guide 
> 
> Plus, for what it's worth, we really need to have an outreach project or champion to discuss security with key application frameworks and apps. I think .NET and GWT is doing fine without a great deal of help, but the others (Zend, Symfony, Spring, Rails, WordPress, MediaWiki, etc) could all use a bit of help, either to integrate ESAPI for their platform, or contribute ideas and be a security sounding board for them (we have to listen to their needs instead of unilaterally deciding what help they actually "need"). 
> 
> thanks,
> Andrew
> 
> On 31/03/2012, at 9:31 PM, Eoin wrote:
> 
>> Hello leaders,
>> I am developing a proposal to be put to the board next week in relation to rebooting a number of dormant owasp projects or improving current owasp projects to "production quality" items.
>> 
>> Question: May I kindly ask what projects do you think are the 6 most important projects within the foundation??? 
>> 
>> Can you respond with your top 6 by Monday, sorry for being demanding :)
>> 
>> (My choices are: testing guide, development guide, code review guide, O2, Zap, cheat sheets.)
>> 
>> "we are nothing without our projects."
>> 
>> Eoin.
>> 
>> 
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 


More information about the OWASP-Leaders mailing list