[Owasp-leaders] owasp-informal

Jim Manico jim.manico at owasp.org
Sat Feb 2 10:50:34 UTC 2013


Ok let's do this.

We setup owasp-informal.

https://lists.owasp.org/mailman/listinfo/owasp-informal

1) May I suggest we tighten down the use of owasp-leaders to OWASP news
only?
2) Those who want to chit chat off-topic please migrate to owasp-informal?
3) Simply banning Dennis Groves from leaders alone will help. ;) Dennis,
can I make you admin of owasp-informal ?

Aloha,
--
Jim Manico
@Manicode
(808) 652-3805

On Feb 1, 2013, at 11:42 PM, Abbas Naderi <abbas.E at owasp.org> wrote:

Remember when we had a plan to make two leaders list, one for free
discussions and one for decision making?

I think there's a Gaussian Hole where our plans go :D
-Abbas
On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:

Best part is I will be using this in meeting for the government.
On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:

> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
>
>  It's truly amazing what we've turned this thread into. :)
>> Despite various formal or informal definitions, I believe that
>> "marketing" wise it's better to talk about the top10 risks rather than the
>> top10 vulnerabilities.
>>
>
> I can't agree with Konstantinos more!!! Business executives don't have one
> fuck to give about vulnerabilities; but you start talking about 'risk' to
> their business and they are all ears. It is about the relevance to the
> companies we are trying to assist; not about what it 'technically' is that
> matters…
>
>
>
>  Can help get heard by executives while the rest will easily think that
>> practically risks are [a result of] technical vulnerabilities.
>>
>> Kostas
>>
>> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
>>
>>  It's a payload delivery system.
>>>
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>>
>>>
>>> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
>>>
>>>  I do not think of XSS as an attack, XSS is a weakness or vulnerability.
>>>>
>>>> An attack would be something like "Site Defacement using XSS".
>>>>
>>>> Aloha,
>>>> Jim
>>>>
>>>>  Roughly. XSS is used as
>>>>> xss = weakness, vulnerability, attack (and some more)
>>>>>
>>>>>
>>>>> Am 01.02.2013 22:23, schrieb Eoin:
>>>>>
>>>>>> Nope. Risk is impact x probability
>>>>>> Vulns = xss SQLI etc
>>>>>>
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>>
>>>>>>
>>>>>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>
>>>>>>  Considering its risks not vulns., hope he updates his cards for 2013
>>>>>>>
>>>>>>>
>>>>>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>  Hello OWASP,
>>>>>>>>
>>>>>>>> I couldn't resist posting this to the list! I think that is just
>>>>>>>> pure awesome!
>>>>>>>>
>>>>>>>> I ran across this sole proprietor of this security firm this week
>>>>>>>> at a local security event. He expressed a great deal of gratitude and
>>>>>>>> thanked us for all the amazing work the community has produced.
>>>>>>>>
>>>>>>>> He said he had the OWASP top 10 on the back of his business cards
>>>>>>>> since the OWASP top 10 was published, but he didn't have any with him, so I
>>>>>>>> gave him mine and promised to send me his card when he got home.
>>>>>>>>
>>>>>>>> And since they are digital, I just had to share this with the list.
>>>>>>>> He said OWASP helped his micro-business enormously because his clients were
>>>>>>>> not able to ignore his advice anymore because 'the worlds security experts'
>>>>>>>> were advocating the same practices.
>>>>>>>>
>>>>>>>> Anyhow, I love stories about how OWASP made a difference for people
>>>>>>>> & I hope you do too.
>>>>>>>>
>>>>>>>> Dennis
>>>>>>>>
>>>>>>>> Dennis Groves, MSc
>>>>>>>>
>>>>>>>
>>>>> ______________________________**_________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>>
>>>> ______________________________**_________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>
>> ______________________________**_________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>
>
>
> --
> [Dennis Groves](http://about.me/**dennis.groves<http://about.me/dennis.groves>),
> MSc
> [Email me](mailto:[email protected]**owasp.org <dennis.groves at owasp.org>) or
> [schedule a meeting](http://goo.gl/8sPIy).
>
> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.**
> org/licenses/by-nd/3.0/deed.**en_GB<http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB>)
> license.*
>
> **Please do not send me Microsoft Office/Apple iWork documents.**
> Send [OpenDocument](http://fsf.org/**campaigns/opendocument/<http://fsf.org/campaigns/opendocument/>)
> instead!
> Stand up for your freedom to install [free software](http://www.fsf.org/**
> campaigns/secure-boot/**statement<http://www.fsf.org/campaigns/secure-boot/statement>
> ).
> ______________________________**_________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders


_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/771d727f/attachment.html>


More information about the OWASP-Leaders mailing list