[Owasp-leaders] The OWASP Periodic Table Project

James Landis james.landis at owasp.org
Tue Mar 5 19:15:18 UTC 2013


The Top X lists are: "what are they, which ones are the worst"; the
Periodic Table is: "how are they best solved". Additionally, the Top X
lists are just the top X, the Table intends to cover EVERY vulnerability
class.

If it's not clear from the high-level project description, perhaps a FAQ is
in order, though. I'll track this question and watch for others.

Thanks!
-j


On Tue, Mar 5, 2013 at 8:42 AM, Eric Sheridan <eric.sheridan at owasp.org>wrote:

> Can you guys provide some insight (perhaps via Wiki) why this should be
> used in place of / along side WASC/CWE/SANST25/OT10/etc.?
>
> Sincerely,
> Eric Sheridan
> (twitter) @eric_sheridan
> (blog) http://ericsheridan.blogspot.com
>
> On 3/5/13 4:41 AM, Jim Manico wrote:
> > A working group is now forming under the leadership of James Landis to
> produce the 1.0 draft of the OWASP Periodic Table of Vulnerabilities
> project.
> >
> > The goal of this project is to identify the ideal solution target for
> known web application vulnerability classes as a first step toward
> eliminating many classes of vulnerabilities altogether. The project is
> currently targeting web standards, perimeter technologies, and frameworks.
> The first public release of the project will represent a multi-industry
> consensus about the ideal solution target for each vulnerability.
> >
> > If you would like to have a hand in shaping the future of web
> application technologies toward solving vulnerabilities like cross-site
> scripting and SQL injection forever, your contributions would be greatly
> appreciated! We are especially seeking candidates to represent the
> perspectives of several key industry groups, as outlined in the project
> roadmap below. If you are interested in keeping an eye on the project
> discussion, please join the mailing list. If you would like to contribute
> as a member of the working group, please email the project leader with a
> very short bio, a list of the industry groups you might represent, a few
> sentences about why you'd like to join the group, and a rough estimate of
> the amount of time you could dedicate to the project per month.
> >
> > Project page:
> https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities
> >
> > Roadmap:
> https://www.owasp.org/index.php/Projects/OWASP_Periodic_Table_of_Vulnerabilities/Roadmap
> >
> > Mailing list:
> https://lists.owasp.org/mailman/listinfo/owasp_periodic_table_of_vulnerabilities
> >
> > Project lead: James Landis <james.landis at owasp.org>
> >
> > Thank you for considering.
> >
> > Aloha,
> > Jim Manico
> > OWASP Volunteer
> > @Manicode
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130305/1f3cb37e/attachment-0001.html>


More information about the OWASP-Leaders mailing list