[Owasp-leaders] Security 101 Mailing List?

Azeddine Islam Mennouchi azeddine.mennouchi at owasp.org
Thu Jan 26 08:43:55 UTC 2012


+1 This Would be Very Great, I think also That we Have to Make this out of
the regular the forum is a great idea but we need to make it special in a
way or in an other ..... Chargement en cours

On Thu, Jan 26, 2012 at 9:28 AM, Erwin Geirnaert <
erwin.geirnaert at zionsecurity.com> wrote:

>  Hi leaders,
>
>  An idea that came into my mind after the OWASP BE meeting yesterday.
> Seba did a survey for OWASP BE members and the results are very
> interesting: more interaction at OWASP meetings, more solutions for
> specific frameworks/problems must be discussed, more technical stuff,…
>
>  Why not introduce a security 101 presentation at each OWASP BE meeting
> that will discuss a solution for a specific problem of an OWASP member. For
> example: "for a project we need to maintain secure session management
> between different web services, what is the best approach?". This can be
> discussed on the forum but a live presentation/discussion of the possible
> solutions will be very interesting during an OWASP meeting and will
> hopefully attract more developers that are struggling with this situation.
>
>  A lot of developers love OWASP but they don't have the time to read all
> the documentation and browse projects to find a solution. The best way to
> evangelize application security is to solve the problems people are facing!
>
>  Best regards,
>
>  Erwin
>
>   Van: Benny Ketelslegers <benny.ketelslegers at owasp.org>
> Datum: Thu, 26 Jan 2012 17:07:16 +0900
> Aan: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>
> Onderwerp: Re: [Owasp-leaders] Security 101 Mailing List?
>
>  I also think a forum would be an interesting idea. I see a very active
> userbase around the backtrack liveCD (offensive security) and a forum would
> be more structured and act as knowledgebase compared to a mailinglist!
>
> Best Regards
>
> On Thu, Jan 26, 2012 at 4:55 PM, John Wilander <john.wilander at owasp.org>wrote:
>
>>  Good idea!
>>
>>  My thoughts also touched on a forum where we can avoid multiple answers
>> to the same question and the same question being asked over and over.
>>
>>  If we go with a forum we have to have email notification to a large
>> part of OWASP leaders.
>>
>>  If we go with a mailing list let's keep the name short and to the point
>> -- security101 at owasp.org.
>>
>>     Regards, John
>>
>> --
>> My music http://www.johnwilander.com
>> Twitter https://twitter.com/johnwilander
>> CV or Résumé http://johnwilander.se
>>
>> 26 jan 2012 kl. 08:31 skrev psiinon <psiinon at gmail.com>:
>>
>>     Great idea.
>> I'd definitely sign up and answer any questions I could.
>> +1 from me :)
>>
>> Simon
>>
>> On 25 Jan 2012 23:27, "Michael Coates" <michael.coates at owasp.org> wrote:
>>
>>
>> I recently gave a security presentation to a group of developers in the
>> health care startup scene.  There was great turnout and they really loved
>> Webgoat (delivered via OWASP BWA).  As I left the presentation I pointed
>> them at a variety of OWASP links - top 10, cheat sheets, secure coding
>> guidelines - but I felt that it was a missed opportunity to really engage
>> the group that had so much to gain from OWASP.
>>
>> What are people's thoughts about establishing a OWASP-Security-101
>> mailing list?  The idea would be to have this be a public list where
>> developers would ask basic/intro web security questions.  We (OWASP
>> leaders) would then direct people to available OWASP resources or answer
>> the questions directly.
>>
>> This idea would create an ecosystem with developers that are not security
>> experts per se (e.g. getting past the echo chamber). In addition, this will
>> quickly identify gaps in OWASP resources ( 5 questions about topic X and we
>> have no OWASP page on that topic).
>>
>> The goal here isn't to replace something like stack overflow, but instead
>> to create an inviting space within OWASP where we can integrate more
>> developers and publicize/enhance OWASP tools, resources, etc.
>>
>> One important thing for this new list would be that it's a safe place to
>> ask "dumb" questions.  I think we could really distinguish ourselves here
>> since many people are nervous about jumping into a more technical mailing
>> list and just getting the "Did you google it?" type answer.
>>
>>
>> Thoughts?  OWASP-Security-101?
>>
>>
>>
>>
>>
>> Michael Coates
>> OWASP
>> michael.coates at owasp.org
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>   _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
> _______________________________________________ OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Islam Azeddine Mennouchi
OWASP ALGERIA Chapter Leader
phone n°: +213796314102
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120126/98641a5e/attachment-0001.html>


More information about the OWASP-Leaders mailing list