[Owasp-leaders] owasp-informal

Abbas Naderi abbas.naderi at owasp.org
Sat Feb 2 12:52:10 UTC 2013


Well I hereby ask all leaders to join owasp-informal.
Specially those who read a lot but don't say a lot.
-Abbas
On ۱۴ بهمن ۱۳۹۱, at ۱۶:۱۷, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> For that to work you need to subscribe all members of the OWASP-leaders into the OWASP-informal
> 
> The reason these threads exist is because of the value of the leader's shared knowledge
> 
> Dinis Cruz
> 
> On 2 Feb 2013, at 10:50, Jim Manico <jim.manico at owasp.org> wrote:
> 
>> Ok let's do this.
>> 
>> We setup owasp-informal.
>> 
>> https://lists.owasp.org/mailman/listinfo/owasp-informal
>> 
>> 1) May I suggest we tighten down the use of owasp-leaders to OWASP news only?
>> 2) Those who want to chit chat off-topic please migrate to owasp-informal?
>> 3) Simply banning Dennis Groves from leaders alone will help. ;) Dennis, can I make you admin of owasp-informal ?
>> 
>> Aloha,
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>> 
>> On Feb 1, 2013, at 11:42 PM, Abbas Naderi <abbas.E at owasp.org> wrote:
>> 
>>> Remember when we had a plan to make two leaders list, one for free discussions and one for decision making?
>>> 
>>> I think there's a Gaussian Hole where our plans go :D 
>>> -Abbas
>>> On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:
>>> 
>>>> Best part is I will be using this in meeting for the government.
>>>> 
>>>> On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
>>>> 
>>>> It's truly amazing what we've turned this thread into. :)
>>>> Despite various formal or informal definitions, I believe that "marketing" wise it's better to talk about the top10 risks rather than the top10 vulnerabilities.
>>>> 
>>>> I can't agree with Konstantinos more!!! Business executives don't have one fuck to give about vulnerabilities; but you start talking about 'risk' to their business and they are all ears. It is about the relevance to the companies we are trying to assist; not about what it 'technically' is that matters…
>>>> 
>>>> 
>>>> 
>>>> Can help get heard by executives while the rest will easily think that practically risks are [a result of] technical vulnerabilities.
>>>> 
>>>> Kostas
>>>> 
>>>> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
>>>> 
>>>> It's a payload delivery system.
>>>> 
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>> 
>>>> 
>>>> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
>>>> 
>>>> I do not think of XSS as an attack, XSS is a weakness or vulnerability.
>>>> 
>>>> An attack would be something like "Site Defacement using XSS".
>>>> 
>>>> Aloha,
>>>> Jim
>>>> 
>>>> Roughly. XSS is used as
>>>> xss = weakness, vulnerability, attack (and some more)
>>>> 
>>>> 
>>>> Am 01.02.2013 22:23, schrieb Eoin:
>>>> Nope. Risk is impact x probability
>>>> Vulns = xss SQLI etc
>>>> 
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>> 
>>>> 
>>>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>>> 
>>>> Considering its risks not vulns., hope he updates his cards for 2013
>>>> 
>>>> 
>>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>> 
>>>> Hello OWASP,
>>>> 
>>>> I couldn't resist posting this to the list! I think that is just pure awesome!
>>>> 
>>>> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
>>>> 
>>>> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
>>>> 
>>>> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
>>>> 
>>>> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
>>>> 
>>>> Dennis
>>>> 
>>>> Dennis Groves, MSc
>>>> 
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>> 
>>>> -- 
>>>> [Dennis Groves](http://about.me/dennis.groves), MSc
>>>> [Email me](mailto:dennis.groves at owasp.org) or [schedule a meeting](http://goo.gl/8sPIy).
>>>> 
>>>> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*
>>>> 
>>>> **Please do not send me Microsoft Office/Apple iWork documents.**
>>>> Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
>>>> Stand up for your freedom to install [free software](http://www.fsf.org/campaigns/secure-boot/statement).
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/3f1571f7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4889 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/3f1571f7/attachment-0001.bin>


More information about the OWASP-Leaders mailing list