[Owasp-leaders] The OWASP Periodic Table Project

Eoin eoin.keary at owasp.org
Tue Mar 5 20:35:34 UTC 2013


So the periodic table is a list of vulns right? Best we share the work we did on the owasp common numbering system?

Eoin Keary
Owasp Global Board
+353 87 977 2988


On 5 Mar 2013, at 20:15, James Landis <james.landis at owasp.org> wrote:

> The Top X lists are: "what are they, which ones are the worst"; the Periodic Table is: "how are they best solved". Additionally, the Top X lists are just the top X, the Table intends to cover EVERY vulnerability class.
> 
> If it's not clear from the high-level project description, perhaps a FAQ is in order, though. I'll track this question and watch for others.
> 
> Thanks!
> -j
> 
> 
> On Tue, Mar 5, 2013 at 8:42 AM, Eric Sheridan <eric.sheridan at owasp.org> wrote:
>> Can you guys provide some insight (perhaps via Wiki) why this should be
>> used in place of / along side WASC/CWE/SANST25/OT10/etc.?
>> 
>> Sincerely,
>> Eric Sheridan
>> (twitter) @eric_sheridan
>> (blog) http://ericsheridan.blogspot.com
>> 
>> On 3/5/13 4:41 AM, Jim Manico wrote:
>> > A working group is now forming under the leadership of James Landis to produce the 1.0 draft of the OWASP Periodic Table of Vulnerabilities project.
>> >
>> > The goal of this project is to identify the ideal solution target for known web application vulnerability classes as a first step toward eliminating many classes of vulnerabilities altogether. The project is currently targeting web standards, perimeter technologies, and frameworks. The first public release of the project will represent a multi-industry consensus about the ideal solution target for each vulnerability.
>> >
>> > If you would like to have a hand in shaping the future of web application technologies toward solving vulnerabilities like cross-site scripting and SQL injection forever, your contributions would be greatly appreciated! We are especially seeking candidates to represent the perspectives of several key industry groups, as outlined in the project roadmap below. If you are interested in keeping an eye on the project discussion, please join the mailing list. If you would like to contribute as a member of the working group, please email the project leader with a very short bio, a list of the industry groups you might represent, a few sentences about why you'd like to join the group, and a rough estimate of the amount of time you could dedicate to the project per month.
>> >
>> > Project page: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities
>> >
>> > Roadmap: https://www.owasp.org/index.php/Projects/OWASP_Periodic_Table_of_Vulnerabilities/Roadmap
>> >
>> > Mailing list: https://lists.owasp.org/mailman/listinfo/owasp_periodic_table_of_vulnerabilities
>> >
>> > Project lead: James Landis <james.landis at owasp.org>
>> >
>> > Thank you for considering.
>> >
>> > Aloha,
>> > Jim Manico
>> > OWASP Volunteer
>> > @Manicode
>> > _______________________________________________
>> > OWASP-Leaders mailing list
>> > OWASP-Leaders at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> >
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130305/02c7d487/attachment.html>


More information about the OWASP-Leaders mailing list