[Owasp-leaders] Projects looking for volunteers

Abbas Naderi abbas.naderi at owasp.org
Wed Aug 21 13:04:23 UTC 2013


Many frameworks are not willing to allow major changes by other people.
For example I know that Joomla needs to change the way it uses SQL throught the entire framework and application to mitigate risks, but are they willing to do such a drastic change just because we advise it?
-Abbas
On Mordad 30, 1392, at 5:32 PM, Michael Coates <michael.coates at owasp.org> wrote:

> Awesome! The framework security project will likely have individual groups for each framework. We can just point to your project for PHP. In return I ask that we work on communication so we can centralize our overall framework security progress results in the overall framework security project.
> 
> 
> Thanks!
> 
> 
> --
> Michael Coates | OWASP | @_mwc
> 
> 
> 
> On Wed, Aug 21, 2013 at 1:56 AM, Abbas Naderi <abbas.naderi at owasp.org> wrote:
> We're already covering most of what you had in mind from Framework Security, in PHP Security Project. Though its only for PHP yet.
> -Abbas
> 
> On Mordad 30, 1392, at 1:21 PM, vanderaj vanderaj <vanderaj at owasp.org> wrote:
> 
>> I am looking for authors in the Developer Guide project too. I must really get around to holding more meetings, and maybe complete a chapter so folks can see what I have in mind.  Once the ASVS 2.0 is complete to beta (real close now!) I think I can get more time. 
>> 
>> thanks
>> Andrew 
>> 
>> 
>> On Wed, Aug 21, 2013 at 4:59 AM, Curtis Koenig <curtis.koenig at owasp.org> wrote:
>> 
>> On Tue, Aug 20, 2013 at 10:54 AM, Michael Coates <michael.coates at owasp.org> wrote:
>> 
>> Project: Application Security Program
>> Idea: A project that captures security programs from end to end. It's not all about secure coding, pen testing, static analysis etc... This project will detail real security programs from  corproations developing software. This includes end to end thinking about security. Think project will also link to available owasp tools and resource for each stage.
>> Needs: I need a few other security leaders that are running application security programs in large organizations. For this particular project I feel security experience from working at a company and leading such a program is the most needed skill to make this project effective. 
>> Anyone interested? If so, we'll make this a project and start moving.
>> 
>> I'd be interested in getting involved with this one.
>> 
>> --
>> Curtis Koenig
>> OWASP Louisville Chapter Leader
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130821/26cd65f9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4893 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130821/26cd65f9/attachment.bin>


More information about the OWASP-Leaders mailing list