[Owasp-leaders] OWASP Top Ten 2013 Wiki Version

Abbas Naderi abbas.naderi at owasp.org
Tue Mar 19 00:57:41 UTC 2013


Hello all,

Isn't there a mailing list for top-ten!? We had a whole bunch of discussions there, but no actions were taken. Now we're having the same discussions over the leaders list, and things are starting to happen.

I'm afraid of the day that every workgroup discussion is done over the leaders list!

Thanks
-Abbas
On ۲۹ اسفند ۱۳۹۱, at ۴:۲۰, "Dave Wichers" <dave.wichers at owasp.org> wrote:

> It's not a Google doc. It's a .PPTX file from which we generate the .pdf
> that is the published doc.
> 
> I'm all for thinking about a different model for developing the initial
> draft of the Top 10 that's more open at some point, but I'd rather not
> change the model for this release. I think we need to come to resolution as
> to what we are going to add/change to the Top 10 related to DDOS (or not),
> as well as see if we are going to change how the likelihood of successful
> attack factor is calculated (by opinion as its done now, or based on facts
> per Ryan's research), and then implement those changes.
> 
> And of course if anyone has any specific feedback on anything else in the
> Top 10, please provide that feedback.
> 
> I'm kind of leaning towards adding a 'special' page about DDOS to the Top 10
> that's not in the Top 10 list, but acknowledge this is a significant issue
> that organizations should consider. This allows us to straddle the fence but
> both including it, and not including it at the same time :-).  But those are
> my thoughts anyway. What do others think about this idea?
> 
> -Dave
> 
> -----Original Message-----
> From: Jim Manico [mailto:jim.manico at owasp.org] 
> Sent: Monday, March 18, 2013 7:34 PM
> To: Dave Wichers
> Cc: 'OWASP Leaders'
> Subject: Re: [Owasp-leaders] OWASP Top Ten 2013 Wiki Version
> 
> Understood Dave.
> 
> Can you make the Google Doc world editable to @owasp accounts so the
> community can contribute directly?
> 
> Thanks,
> - Jim
> 
>> Jim and everyone,
>> 
>> 
>> 
>> Hold on please. Please do not just make edits to the wiki and expect 
>> they will be picked up in the Top 10 doc. The PPT we use to create the 
>> Top 10 is considered the master, and the wiki version has been created 
>> to make it easier to view/search on the internet. If you make direct 
>> changes to the wiki, it may not get noticed and included in the Top 10
> doc.
>> 
>> 
>> 
>> I know this is not how many OWASP projects work, but that's how we've 
>> done the Top 10 in the past and plan to do so for at least this next 
>> release. We may change the development process for the Top 10 in the 
>> future, but have not done so yet, so for now, the wiki is NOT the 
>> master for the Top 10, the doc itself is.
>> 
>> 
>> 
>> People have noticed minor editorial issues and sent them to me 
>> directly already, and I have updated the doc that I have so those 
>> changes will be reflected in the final release. People have also 
>> noticed some issues in the wiki version and Neil has been addressing them
> as they come in.
>> 
>> 
>> 
>> Definitely feel free to send comments and have discussions like we've 
>> been having for the past month+.
>> 
>> 
>> 
>> -Dave
>> 
>> 
>> 
>> From: owasp-leaders-bounces at lists.owasp.org
>> [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Jim Manico
>> Sent: Monday, March 18, 2013 2:01 PM
>> To: OWASP Leaders
>> Subject: [Owasp-leaders] OWASP Top Ten 2013 Wiki Version
>> 
>> 
>> 
>> The upcoming 2013 OWASP Top Ten has been converted to Wiki:
>> 
>> 
>> 
>> https://www.owasp.org/index.php/Top_10_2013
>> 
>> 
>> 
>> If you have something to say or add, now is the time. Your community 
>> contributions to the 2013 OWASP Top Ten are critical! Please dive in!
>> 
>> 
>> 
>> Aloha,
>> 
>> --
>> 
>> Jim Manico
>> 
>> @Manicode
>> 
>> (808) 652-3805
>> 
>> 
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4889 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130319/cd033895/attachment.bin>


More information about the OWASP-Leaders mailing list