[Owasp-leaders] Proposal [Feedback Requested] : This I Believe (Security)
fcerullo at owasp.org
Mon Aug 19 09:23:25 UTC 2013
+1 John...count with me.
I believe we could use the OWASP blogpost site for these series?
On Monday, August 19, 2013, psiinon wrote:
> I think its a great idea!
> I'm a big fan of your Year of Security for Java series, John, and I really
> hope this happens as I think it will make fascinating reading.
> For the record, I Believe pentesters should learn more about Development
> and QA and vice versa ;)
> > wrote:
>> I am considering coordinating a short-term series of essays posted on the
>> owasp site about broad application security topics, and want your feedback
>> on whether the idea would be interesting to the community.
>> [longer version]
>> I have long enjoyed the This I Believe (thisibelieve.org) series. For
>> those not familiar, the idea is that someone writes about a topic they have
>> a strong belief in, using short essay form.
>> I believe an adaptation of this basic concept could produce value for our
>> community. Much of the communication I see flowing through our industry
>> could be viewed as dealing with the low-hanging fruit. I think expanding
>> and elevating our conversation around security could impact us in various
>> Some possible benefits I hope to see are:
>> - Greater awareness of related fields or obscure specialties within our
>> - Application of solutions from other disciplines
>> - Greater awareness of existing solutions from academia vs. industry and
>> related gaps
>> - Introduction of new ideas and new-found awareness of old ideas
>> - Drive interesting discussions amongst our community
>> - Follow-on implementations of valuable solutions
>> - Big ideas to solve hard problems
>> However, I do realize that the central goal of this idea is not to
>> produce actionable documentation or code, and many of you as such may not
>> find it valuable. I propose a 3-step process:
>> *Step 1. Receive feedback from the community about whether or not this
>> is a good idea. This is what I need now. Feel free to respond to the group
>> or me directly (2 weeks). *
>> Step 2. If the general feedback is positive, I'll send out another
>> request for ideas for people you would like to see write articles. I will
>> then collect these and probably illicit a community vote to rank the
>> requested authors. I will then send out requests to those authors to see if
>> they would be willing to participate. (2-4 weeks)
>> Step 3. Setup a schedule for the participating authors to post on a
>> roughly monthly basis. My thought is that this would run maybe 6-12 months,
>> but we could go longer or shorter depending on interest and participation.
>> For now, I'd like to get feedback for step 1. However, as with any
>> project, help is always needed and much appreciated. If any of this sounds
>> like fun to you and you'd like to help out with leading the project, let me
>> know - I'd be grateful.
>> John Melton
>> OWASP-Leaders mailing list
>> 'OWASP-Leaders at lists.owasp.org');>
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders