[Owasp-leaders] A great story

Jim Manico jim.manico at owasp.org
Fri Feb 1 22:25:45 UTC 2013


Please consider the https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology

It's an oldie but goodie. It breaks down the impact and probability factors with a very reasonable level of detail.

Aloha,
- Jim Manico
@Manicode


> Nope. Risk is impact x probability
> Vulns = xss SQLI etc
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> 
> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
> 
>> Considering its risks not vulns., hope he updates his cards for 2013
>>
>>
>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>
>>> Hello OWASP,
>>>
>>> I couldn't resist posting this to the list! I think that is just pure awesome!
>>>
>>> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
>>>
>>> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
>>>
>>> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
>>>
>>> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
>>>
>>> Dennis
>>>
>>> Dennis Groves, MSc
>>> Email me or schedule a meeting.
>>>
>>> This email is licensed under a CC BY-ND 3.0 license.
>>>
>>> Please do not send me Microsoft Office/Apple iWork documents.
>>> Send OpenDocument instead!
>>> Stand up for your freedom to install free software.
>>>
>>> <sec tec bsns cards june 06.pdf>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 



More information about the OWASP-Leaders mailing list