[Owasp-leaders] owasp-informal

Arturo 'Buanzo' Busleiman buanzo at buanzo.com.ar
Sat Feb 2 12:55:04 UTC 2013


Owasp-announce...instead of limiting this one?

Or maybe some crowdsourced maturity?
The leaders list is where I expect owasp leaders to discuss technical
issues and owasp matters of leaders interest. And sometimes some
informality helps find strenths and weaknesses as a group.

No nonsense for me.
 On Feb 2, 2013 9:48 AM, "Dinis Cruz" <dinis.cruz at owasp.org> wrote:

> For that to work you need to subscribe all members of the OWASP-leaders
> into the OWASP-informal
>
> The reason these threads exist is because of the value of the leader's
> shared knowledge
>
> Dinis Cruz
>
> On 2 Feb 2013, at 10:50, Jim Manico <jim.manico at owasp.org> wrote:
>
> Ok let's do this.
>
> We setup owasp-informal.
>
> https://lists.owasp.org/mailman/listinfo/owasp-informal
>
> 1) May I suggest we tighten down the use of owasp-leaders to OWASP news
> only?
> 2) Those who want to chit chat off-topic please migrate to owasp-informal?
> 3) Simply banning Dennis Groves from leaders alone will help. ;) Dennis,
> can I make you admin of owasp-informal ?
>
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Feb 1, 2013, at 11:42 PM, Abbas Naderi <abbas.E at owasp.org> wrote:
>
> Remember when we had a plan to make two leaders list, one for free
> discussions and one for decision making?
>
> I think there's a Gaussian Hole where our plans go :D
> -Abbas
> On ۱۴ بهمن ۱۳۹۱, at ۳:۲۵, Jason Johnson <jason.johnson at owasp.org> wrote:
>
> Best part is I will be using this in meeting for the government.
> On Feb 1, 2013 5:37 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>
>> On 1 Feb 2013, at 22:54, Konstantinos Papapanagiotou wrote:
>>
>>  It's truly amazing what we've turned this thread into. :)
>>> Despite various formal or informal definitions, I believe that
>>> "marketing" wise it's better to talk about the top10 risks rather than the
>>> top10 vulnerabilities.
>>>
>>
>> I can't agree with Konstantinos more!!! Business executives don't have
>> one fuck to give about vulnerabilities; but you start talking about 'risk'
>> to their business and they are all ears. It is about the relevance to the
>> companies we are trying to assist; not about what it 'technically' is that
>> matters…
>>
>>
>>
>>  Can help get heard by executives while the rest will easily think that
>>> practically risks are [a result of] technical vulnerabilities.
>>>
>>> Kostas
>>>
>>> On 2 Φεβ 2013, at 0:48, Eoin <eoin.keary at owasp.org> wrote:
>>>
>>>  It's a payload delivery system.
>>>>
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>> On 1 Feb 2013, at 22:33, Jim Manico <jim.manico at owasp.org> wrote:
>>>>
>>>>  I do not think of XSS as an attack, XSS is a weakness or vulnerability.
>>>>>
>>>>> An attack would be something like "Site Defacement using XSS".
>>>>>
>>>>> Aloha,
>>>>> Jim
>>>>>
>>>>>  Roughly. XSS is used as
>>>>>> xss = weakness, vulnerability, attack (and some more)
>>>>>>
>>>>>>
>>>>>> Am 01.02.2013 22:23, schrieb Eoin:
>>>>>>
>>>>>>> Nope. Risk is impact x probability
>>>>>>> Vulns = xss SQLI etc
>>>>>>>
>>>>>>> Eoin Keary
>>>>>>> Owasp Global Board
>>>>>>> +353 87 977 2988
>>>>>>>
>>>>>>>
>>>>>>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>>
>>>>>>>  Considering its risks not vulns., hope he updates his cards for 2013
>>>>>>>>
>>>>>>>>
>>>>>>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <
>>>>>>>> dennis.groves at owasp.org> wrote:
>>>>>>>>
>>>>>>>>  Hello OWASP,
>>>>>>>>>
>>>>>>>>> I couldn't resist posting this to the list! I think that is just
>>>>>>>>> pure awesome!
>>>>>>>>>
>>>>>>>>> I ran across this sole proprietor of this security firm this week
>>>>>>>>> at a local security event. He expressed a great deal of gratitude and
>>>>>>>>> thanked us for all the amazing work the community has produced.
>>>>>>>>>
>>>>>>>>> He said he had the OWASP top 10 on the back of his business cards
>>>>>>>>> since the OWASP top 10 was published, but he didn't have any with him, so I
>>>>>>>>> gave him mine and promised to send me his card when he got home.
>>>>>>>>>
>>>>>>>>> And since they are digital, I just had to share this with the
>>>>>>>>> list. He said OWASP helped his micro-business enormously because his
>>>>>>>>> clients were not able to ignore his advice anymore because 'the worlds
>>>>>>>>> security experts' were advocating the same practices.
>>>>>>>>>
>>>>>>>>> Anyhow, I love stories about how OWASP made a difference for
>>>>>>>>> people & I hope you do too.
>>>>>>>>>
>>>>>>>>> Dennis
>>>>>>>>>
>>>>>>>>> Dennis Groves, MSc
>>>>>>>>>
>>>>>>>>
>>>>>> ______________________________**_________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>>>
>>>>> ______________________________**_________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>
>>> ______________________________**_________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>
>>
>>
>> --
>> [Dennis Groves](http://about.me/**dennis.groves<http://about.me/dennis.groves>),
>> MSc
>> [Email me](mailto:[email protected]**owasp.org <dennis.groves at owasp.org>)
>> or [schedule a meeting](http://goo.gl/8sPIy).
>>
>> *This email is licensed under a [CC BY-ND 3.0](http://creativecommons.**
>> org/licenses/by-nd/3.0/deed.**en_GB<http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB>)
>> license.*
>>
>> **Please do not send me Microsoft Office/Apple iWork documents.**
>> Send [OpenDocument](http://fsf.org/**campaigns/opendocument/<http://fsf.org/campaigns/opendocument/>)
>> instead!
>> Stand up for your freedom to install [free software](http://www.fsf.org/*
>> *campaigns/secure-boot/**statement<http://www.fsf.org/campaigns/secure-boot/statement>
>> ).
>> ______________________________**_________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130202/e6dc9391/attachment.html>


More information about the OWASP-Leaders mailing list