[Owasp-leaders] Projects looking for volunteers

Jason Johnson jason.johnson at owasp.org
Wed Aug 21 13:15:48 UTC 2013


Maybe not...If you show a solution though would the be more likely to act
on it? That is lots of work for a Joomla SQL rewrite. JOOMWASP

Jason Johnson
OWASP
Oklahoma City, OK
 On Aug 21, 2013 8:06 AM, "Abbas Naderi" <abbas.naderi at owasp.org> wrote:

> Many frameworks are not willing to allow major changes by other people.
> For example I know that Joomla needs to change the way it uses SQL
> throught the entire framework and application to mitigate risks, but are
> they willing to do such a drastic change just because we advise it?
> -Abbas
> On Mordad 30, 1392, at 5:32 PM, Michael Coates <michael.coates at owasp.org>
> wrote:
>
> Awesome! The framework security project will likely have individual groups
> for each framework. We can just point to your project for PHP. In return I
> ask that we work on communication so we can centralize our overall
> framework security progress results in the overall framework security
> project.
>
>
> Thanks!
>
>
> --
> Michael Coates | OWASP | @_mwc
>
>
>
> On Wed, Aug 21, 2013 at 1:56 AM, Abbas Naderi <abbas.naderi at owasp.org>wrote:
>
>> We're already covering most of what you had in mind from Framework
>> Security, in PHP Security Project. Though its only for PHP yet.
>> -Abbas
>>
>> On Mordad 30, 1392, at 1:21 PM, vanderaj vanderaj <vanderaj at owasp.org>
>> wrote:
>>
>> I am looking for authors in the Developer Guide project too. I must
>> really get around to holding more meetings, and maybe complete a chapter so
>> folks can see what I have in mind.  Once the ASVS 2.0 is complete to beta
>> (real close now!) I think I can get more time.
>>
>> thanks
>> Andrew
>>
>>
>> On Wed, Aug 21, 2013 at 4:59 AM, Curtis Koenig <curtis.koenig at owasp.org>wrote:
>>
>>>
>>> On Tue, Aug 20, 2013 at 10:54 AM, Michael Coates <
>>> michael.coates at owasp.org> wrote:
>>>
>>>>
>>>> *Project*: Application Security Program
>>>> *Idea*: A project that captures security programs from end to end.
>>>> It's not all about secure coding, pen testing, static analysis etc... This
>>>> project will detail real security programs from  corproations developing
>>>> software. This includes end to end thinking about security. Think project
>>>> will also link to available owasp tools and resource for each stage.
>>>> *Needs*: I need a few other security leaders that are running
>>>> application security programs in large organizations. For this particular
>>>> project I feel security experience from working at a company and leading
>>>> such a program is the most needed skill to make this project effective.
>>>> *Anyone interested? If so, we'll make this a project and start moving.*
>>>>
>>>
>>> I'd be interested in getting involved with this one.
>>>
>>> --
>>> Curtis Koenig
>>> OWASP Louisville Chapter Leader
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130821/9b4b6dfd/attachment-0001.html>


More information about the OWASP-Leaders mailing list