[Owasp-leaders] What would you change about OWASP?

Juan Pablo juan.quine at gmail.com
Wed Jun 6 17:15:10 UTC 2012


I was thinking that a framework that "resumes" the actions, could help to
see all the big picture.

Maybe a mental map that could show all the stuff that we must consider
in each evaluation and from it getting into detail, because if you see the
guide, there is a kind of process, but if you take it to real life, there
will be some blocks of that diagram that you would or would not consider; the
idea is to show which will be necessary, and which could be optional, or
which will depend on the technology used.

And another thing is that, I think, 40% of the guide has a lot of
good practices with lots of wording, but I think the "funny part" starts on
page 100 or so... and maybe a more "attractive guide" that could consider
some of the structure that has been made for the top ten, a quick guide,
with lots of information on each page, that of course does not have all the
information, but pretty sure enough information to get a big idea, and
enter into the detail on what you really need to consider.

Well, those were my two cents; I hope it could help.

Regards,

Juan Pablo.

On Wed, Jun 6, 2012 at 3:46 AM, Eoin <eoin.keary at owasp.org> wrote:

> Hello leaders,
> I was thinking about the good and bad aspects of OWASP. Sometimes I think
> there is too much "process" and not enough action.
> Other times I think we don't do enough relevant activities and are not
> addressing the core issues.
>
> So, with that said, what would you change about OWASP? (any idea,
> suggestion is "fair game").
>
> Eoin.
>
>
>
> Eoin Keary
> BCC Risk Advisory
> Owasp Global Board
> +353 87 977 2988
>



-- 

===============================================
|_|0|_| Ing Juan Quiñe, CISSP, OSCP, GISP, ISO 27001 LA, Cobit-F.
|_|_|0| visit: http://hackspy.blogspot.com/
|0|0|0| a.k.a. HaCKsPy - from Security Wari Projects, now PeruSEC

"... hacking is a way to live your life, not a day job or semi-ordered list
of instructions found in a thick book ..." Anthony Bunyan
"... Live your life as if you will die tomorrow but learn as if you will
live forever ..." Mahatma Gandhi
"... Breaking a security system brings them as close to being hackers as
starting cars by hot-wiring them turns them into automotive engineers
..."
"... Nothing is so important, nor so urgent, that it cannot be done
safely ..."