[Owasp-leaders] owasp-informal
Dinis Cruz
dinis.cruz at owasp.org
Sat Feb 2 12:47:33 UTC 2013
For that to work you need to subscribe all members of the OWASP-leaders into the OWASP-informal
The reason these threads exist is because of the value of the leader's shared knowledge
Dinis Cruz
On 2 Feb 2013, at 10:50, Jim Manico <jim.manico at owasp.org> wrote:
> Ok let's do this.
>
> We setup owasp-informal.
>
> https://lists.owasp.org/mailman/listinfo/owasp-informal
>
> 1) May I suggest we tighten down the use of owasp-leaders to OWASP news only?
> 2) Those who want to chit chat off-topic please migrate to owasp-informal?
> 3) Simply banning Dennis Groves from leaders alone will help. ;) Dennis, can I make you admin of owasp-informal ?
>
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Feb 1, 2013, at 11:42 PM, Abbas Naderi <abbas.E at owasp.org> wrote:
>
>> Remember when we had a plan to make two leaders list, one for free discussions and one for decision making?
>>
>> I think there's a Gaussian Hole where our plans go :D
>> -Abbas
>> On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:
>>
>>> Best part is I will be using this in meeting for the government.
>>>
>>> On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
>>>>
>>>>> It's truly amazing what we've turned this thread into. :)
>>>>> Despite various formal or informal definitions, I believe that "marketing" wise it's better to talk about the top10 risks rather than the top10 vulnerabilities.
>>>>
>>>> I can't agree with Konstantinos more!!! Business executives don't have one fuck to give about vulnerabilities; but you start talking about 'risk' to their business and they are all ears. It is about the relevance to the companies we are trying to assist; not about what it 'technically' is that matters…
>>>>
>>>>
>>>>
>>>>> Can help get heard by executives while the rest will easily think that practically risks are [a result of] technical vulnerabilities.
>>>>>
>>>>> Kostas
>>>>>
>>>>> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
>>>>>
>>>>>> It's a payload delivery system.
>>>>>>
>>>>>> Eoin Keary
>>>>>> Owasp Global Board
>>>>>> +353 87 977 2988
>>>>>>
>>>>>>
>>>>>> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
>>>>>>
>>>>>>> I do not think of XSS as an attack, XSS is a weakness or vulnerability.
>>>>>>>
>>>>>>> An attack would be something like "Site Defacement using XSS".
>>>>>>>
>>>>>>> Aloha,
>>>>>>> Jim
>>>>>>>
>>>>>>>> Roughly. XSS is used as
>>>>>>>> xss = weakness, vulnerability, attack (and some more)
>>>>>>>>
>>>>>>>>
>>>>>>>> Am 01.02.2013 22:23, schrieb Eoin:
>>>>>>>>> Nope. Risk is impact x probability
>>>>>>>>> Vulns = xss SQLI etc
>>>>>>>>>
>>>>>>>>> Eoin Keary
>>>>>>>>> Owasp Global Board
>>>>>>>>> +353 87 977 2988
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> Considering its risks not vulns., hope he updates his cards for 2013
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hello OWASP,
>>>>>>>>>>>
>>>>>>>>>>> I couldn't resist posting this to the list! I think that is just pure awesome!
>>>>>>>>>>>
>>>>>>>>>>> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
>>>>>>>>>>>
>>>>>>>>>>> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
>>>>>>>>>>>
>>>>>>>>>>> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
>>>>>>>>>>>
>>>>>>>>>>> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
>>>>>>>>>>>
>>>>>>>>>>> Dennis
>>>>>>>>>>>
>>>>>>>>>>> Dennis Groves, MSc
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>> --
>>>> [Dennis Groves](http://about.me/dennis.groves), MSc
>>>> [Email me](mailto:dennis.groves at owasp.org) or [schedule a meeting](http://goo.gl/8sPIy).
>>>>
>>>> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*
>>>>
>>>> **Please do not send me Microsoft Office/Apple iWork documents.**
>>>> Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
>>>> Stand up for your freedom to install [free software](http://www.fsf.org/campaigns/secure-boot/statement).
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/51f792f0/attachment.html>
More information about the OWASP-Leaders
mailing list