[Owasp-leaders] OWASP Top Ten Proactive Controls

Jim Manico jim.manico at owasp.org
Thu Aug 22 13:17:29 UTC 2013


I am currently on stage at AppSec EU giving a talk on the OWASP Top Ten Proactive controls. Wish you were here. :)

The initial "alpha" version of this document was just pushed live at https://www.owasp.org/index.php/OWASP_Proactive_Controls#tab=OWASP_Top_Ten_Proactive_Controls and I would love your help, feedback, concerns and complaints.

The OWASP Top Ten Proactive Controls is a document intended to be phrased in a positive manner that describes the top control and control categories that every architect and developer should absolutely, 100% include in every project. I want to make sure that the entire OWASP community can not only provide feedback, but can also participate in the project directly on the wiki. The final document, which I intend to release at AppSec USA in November, will be branded (only) as an OWASP project to maintain strong vendor neutrality.

For this work to be effective, I really need your help. ALL comments and concerns will be addressed. You might completely disagree on the top ten items I have initially chosen, and that feedback will help drive a better document in some form of public voting process. This initial version is just meant to set the groundwork and get the ball rolling.

I can only imagine how busy you are, but I would grateful for your help on this community project. 


Thanks all,

Jim Manico
OWASP Board Member and Volunteer

More information about the OWASP-Leaders mailing list