[Owasp-leaders] A great story

Abbas Naderi abbas.naderi at owasp.org
Sat Feb 2 07:37:17 UTC 2013


Remember when we had a plan to make two leaders list, one for free discussions and one for decision making?

I think there's a Gaussian Hole where our plans go :D 
-Abbas
On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:

> Best part is I will be using this in meeting for the government.
> 
> On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
> 
> It's truly amazing what we've turned this thread into. :)
> Despite various formal or informal definitions, I believe that "marketing" wise it's better to talk about the top10 risks rather than the top10 vulnerabilities.
> 
> I can't agree with Konstantinos more!!! Business executives don't have one fuck to give about vulnerabilities; but you start talking about 'risk' to their business and they are all ears. It is about the relevance to the companies we are trying to assist; not about what it 'technically' is that matters…
> 
> 
> 
> Can help get heard by executives while the rest will easily think that practically risks are [a result of] technical vulnerabilities.
> 
> Kostas
> 
> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
> 
> It's a payload delivery system.
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> 
> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
> 
> I do not think of XSS as an attack, XSS is a weakness or vulnerability.
> 
> An attack would be something like "Site Defacement using XSS".
> 
> Aloha,
> Jim
> 
> Roughly. XSS is used as
> xss = weakness, vulnerability, attack (and some more)
> 
> 
> Am 01.02.2013 22:23, schrieb Eoin:
> Nope. Risk is impact x probability
> Vulns = xss SQLI etc
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> 
> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
> 
> Considering its risks not vulns., hope he updates his cards for 2013
> 
> 
> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
> 
> Hello OWASP,
> 
> I couldn't resist posting this to the list! I think that is just pure awesome!
> 
> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
> 
> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
> 
> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
> 
> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
> 
> Dennis
> 
> Dennis Groves, MSc
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> -- 
> [Dennis Groves](http://about.me/dennis.groves), MSc
> [Email me](mailto:dennis.groves at owasp.org) or [schedule a meeting](http://goo.gl/8sPIy).
> 
> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*
> 
> **Please do not send me Microsoft Office/Apple iWork documents.**
> Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
> Stand up for your freedom to install [free software](http://www.fsf.org/campaigns/secure-boot/statement).
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/9e74177d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4889 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/9e74177d/attachment.bin>


More information about the OWASP-Leaders mailing list