[Owasp-leaders] Security Contacts at ForgeRock?

Dave Wichers dave.wichers at owasp.org
Fri Jul 27 19:00:28 UTC 2012

Sorry to spam the list but I need a bit of help.


I'm reviewing a customer application that is using OpenAM. OpenAM is the
next generation of OpenSSO from Sun (now Oracle). OpenSSO is an open source
single sign-on library/product that wasn't receiving much love from Oracle,
so a company called ForgeRock (http://www.forgerock.com/) has decided to
adopt it and maintain it.


I have found a couple of security issues in OpenAM that I would like to send
to them privately but I'm having no luck getting in touch with them.  You'd
think, given that they are supporting a security product, it would be very
easy to find who to get in touch with, and they would be more responsive.


Does anyone have any security (or other) contacts there? If so, please send
them to me privately.


Thanks for your help.




Dave Wichers

OWASP Board Member and Top 10 Project Lead

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120727/f41d18a3/attachment.html>

More information about the OWASP-Leaders mailing list