[Owasp-leaders] Owasp projects reboot
tony.turner at owasp.org
Sun Apr 1 13:57:42 UTC 2012
Why not allocate a bucket of funds for this effort and let project leads
apply. Have them identify in the app how monies would be spent, target
objectives, etc and why their project should be chosen. Let the project
leads drive the process with oversight and selection from projects
I'd also like to see code review and security testing performed for OWASP
apps/code (and remediated) but am not totally sure how we'd facilitate
that. Otherwise it's not really production ready code but that's what
thousands of companies assume we do.
On Apr 1, 2012 9:01 AM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
> Does anybody know the number of projects we have at OWASP?
> I cant't tell you how many times nor how ofter OpenSAMM has been useful to
> me or AntiSami - there is so much being left out of this conversation.
> Anytime I have a problem I google OWASP and somebody somewhere has already
> documented or written some software to address it. I would really hate to
> see some of those incredibly valuable resources that have not been
> mentioned get left out...
> OWASP produces so much good; it just seems a bit short sighted I guess to
> 'pick three' or 'pick nine' or whatever. My point about webgoat is this -
> we aren't even aware of the value we have created in many cases (eg used to
> benchmark) so how can we even objectively measure the impact of the
> projects against each other?
> There must be another approach...
> Dennis Groves <http://about.me/dennis.groves>, MSc
> dennis.groves at owasp.org
> *This work is licensed under the Creative Commons
> Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of
> this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or
> send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain
> View, California, 94041, USA.*
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders