[Owasp-leaders] Security 101 Mailing List?

Eoin eoin.keary at owasp.org
Thu Jan 26 08:51:32 UTC 2012


This sounds like stack overflow??
Otherwise an individual may get different answers, some conflicting...
Best to have answer submissions and a voting system to promote the best one aka stack...

On 26 Jan 2012, at 07:41, Seba <seba at owasp.org> wrote:

> easy way to start is https://groups.google.com/forum/ ?
> if we setup a seperate forum we have to secure it as well, which might be a good usecase (e.g. securing http://www.mybb.com/)
> 
> --Seba
> 
> 
> 
> On Thu, Jan 26, 2012 at 8:31 AM, psiinon <psiinon at gmail.com> wrote:
> Great idea.
> I'd definitely sign up and answer any questions I could. 
> +1 from me :)
> 
> Simon
> 
>> On 25 Jan 2012 23:27, "Michael Coates" <michael.coates at owasp.org> wrote:
>> 
>> 
>> I recently gave a security presentation to a group of developers in the health care startup scene.  There was great turnout and they really loved Webgoat (delivered via OWASP BWA).  As I left the presentation I pointed them at a variety of OWASP links - top 10, cheat sheets, secure coding guidelines - but I felt that it was a missed opportunity to really engage the group that had so much to gain from OWASP.
>> 
>> What are people's thoughts about establishing a OWASP-Security-101 mailing list?  The idea would be to have this be a public list where developers would ask basic/intro web security questions.  We (OWASP leaders) would then direct people to available OWASP resources or answer the questions directly.
>> 
>> This idea would create an ecosystem with developers that are not security experts per se (e.g. getting past the echo chamber). In addition, this will quickly identify gaps in OWASP resources ( 5 questions about topic X and we have no OWASP page on that topic).
>> 
>> The goal here isn't to replace something like stack overflow, but instead to create an inviting space within OWASP where we can integrate more developers and publicize/enhance OWASP tools, resources, etc.
>> 
>> One important thing for this new list would be that it's a safe place to ask "dumb" questions.  I think we could really distinguish ourselves here since many people are nervous about jumping into a more technical mailing list and just getting the "Did you google it?" type answer.
>> 
>> 
>> Thoughts?  OWASP-Security-101?
>> 
>> 
>> 
>> 
>> 
>> Michael Coates
>> OWASP
>> michael.coates at owasp.org
>> 
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120126/45494dec/attachment.html>


More information about the OWASP-Leaders mailing list