[Owasp-leaders] [Owasp-topten] OWASP Top 10 Methodology

Dennis Groves dennis.groves at owasp.org
Fri Mar 15 20:12:07 UTC 2013

On 15 Mar 2013, at 14:59, Dave Wichers wrote:

> It's fun that we have disagreement :-)
> That's why we are trying to back up the position with some publicly
> available facts.
> Note: I'm not for or against this, I'm waiting to see if we as a 
> community
> can come up with a defendable position one way or the other.

I actually couldn't agree more Dave, that is why I believe in the "OWASP 
Top 10 Community Edition".

I also don't have a position - I am just playing the devils advocate to 
ensure a good debate happens. This is *FUN* and essential to a healthy 
community. Think of it as intellectual darwinianism. What is actually 
important is to have community debate the different positions and find 
the data to support their positions. To often in security we read tea 
leaves, it isn't that our gut instinct is wrong - it is that there is a 
difference between what you know and having evidence for what you know.


> On Mar 14, 2013, at 3:56 PM, Dennis Groves wrote:
>> I don't see how Application DOS could possibly be in the Top 10.
> +100; totally agree.

[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 

*This email is licensed under a [CC BY-ND 
3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*

**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free 

> The idea that some lives matter less is the root of all that’s wrong 
> with the world. -- Paul Farmer

More information about the OWASP-Leaders mailing list