[Owasp-leaders] owasp-informal

Dinis Cruz dinis.cruz at owasp.org
Sat Feb 2 12:47:33 UTC 2013


For that to work you need to subscribe all members of the OWASP-leaders into the OWASP-informal

The reason these threads exist is because of the value of the leader's shared knowledge

Dinis Cruz

On 2 Feb 2013, at 10:50, Jim Manico <jim.manico at owasp.org> wrote:

> Ok let's do this.
> 
> We setup owasp-informal.
> 
> https://lists.owasp.org/mailman/listinfo/owasp-informal
> 
> 1) May I suggest we tighten down the use of owasp-leaders to OWASP news only?
> 2) Those who want to chit chat off-topic please migrate to owasp-informal?
> 3) Simply banning Dennis Groves from leaders alone will help. ;) Dennis, can I make you admin of owasp-informal ?
> 
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
> 
> On Feb 1, 2013, at 11:42 PM, Abbas Naderi <abbas.E at owasp.org> wrote:
> 
>> Remember when we had a plan to make two leaders list, one for free discussions and one for decision making?
>> 
>> I think there's a Gaussian Hole where our plans go :D 
>> -Abbas
>> On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:
>> 
>>> Best part is I will be using this in meeting for the government.
>>> 
>>> On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
>>>> 
>>>>> It's truly amazing what we've turned this thread into. :)
>>>>> Despite various formal or informal definitions, I believe that "marketing" wise it's better to talk about the top10 risks rather than the top10 vulnerabilities.
>>>> 
>>>> I can't agree with Konstantinos more!!! Business executives don't have one fuck to give about vulnerabilities; but you start talking about 'risk' to their business and they are all ears. It is about the relevance to the companies we are trying to assist; not about what it 'technically' is that matters…
>>>> 
>>>> 
>>>> 
>>>>> Can help get heard by executives while the rest will easily think that practically risks are [a result of] technical vulnerabilities.
>>>>> 
>>>>> Kostas
>>>>> 
>>>>> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
>>>>> 
>>>>>> It's a payload delivery system.
>>>>>> 
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>> 
>>>>>> 
>>>>>> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
>>>>>> 
>>>>>>> I do not think of XSS as an attack, XSS is a weakness or vulnerability.
>>>>>>> 
>>>>>>> An attack would be something like "Site Defacement using XSS".
>>>>>>> 
>>>>>>> Aloha,
>>>>>>> Jim
>>>>>>> 
>>>>>>>> Roughly. XSS is used as
>>>>>>>> xss = weakness, vulnerability, attack (and some more)
>>>>>>>> 
>>>>>>>> 
>>>>>>>> Am 01.02.2013 22:23, schrieb Eoin:
>>>>>>>>> Nope. Risk is impact x probability
>>>>>>>>> Vulns = xss SQLI etc
>>>>>>>>> 
>>>>>>>>> Eoin Keary
>>>>>>>>> Owasp Global Board
>>>>>>>>> +353 87 977 2988
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>>>> 
>>>>>>>>>> Considering its risks not vulns., hope he updates his cards for 2013
>>>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>>>>>>>> 
>>>>>>>>>>> Hello OWASP,
>>>>>>>>>>> 
>>>>>>>>>>> I couldn't resist posting this to the list! I think that is just pure awesome!
>>>>>>>>>>> 
>>>>>>>>>>> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
>>>>>>>>>>> 
>>>>>>>>>>> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
>>>>>>>>>>> 
>>>>>>>>>>> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
>>>>>>>>>>> 
>>>>>>>>>>> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
>>>>>>>>>>> 
>>>>>>>>>>> Dennis
>>>>>>>>>>> 
>>>>>>>>>>> Dennis Groves, MSc
>>>>>>>> 
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>> 
>>>> -- 
>>>> [Dennis Groves](http://about.me/dennis.groves), MSc
>>>> [Email me](mailto:dennis.groves at owasp.org) or [schedule a meeting](http://goo.gl/8sPIy).
>>>> 
>>>> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*
>>>> 
>>>> **Please do not send me Microsoft Office/Apple iWork documents.**
>>>> Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
>>>> Stand up for your freedom to install [free software](http://www.fsf.org/campaigns/secure-boot/statement).
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/51f792f0/attachment.html>


More information about the OWASP-Leaders mailing list