[Owasp-leaders] Which OWASP Projects to highlight and talk more about?

Tobias tobias.gondrom at owasp.org
Wed Dec 10 15:22:48 UTC 2014


Hello Akash,

interesting theme idea Break it & Fix it.
The following is just some of my personal favourites at the moment 
within your theme context:
- Top-10 & Top-10 proactive controls
- Mobile Top-10 & Mobile proactive controls
- Personally, I also find worthwhile for "fix it" to look at Secure 
Coding best Practices Quick Reference Guide (Oh boy, we really need to 
come up with a shorter name for this...)
- And potentially openSAMM as a measure to ramp up your SDLC - again 
"fix it".
- and Cornucopia to spice up the threat assessment / requirements 
process part...

Just my 2cents.

Best, Tobias



On 09/12/14 13:35, Akash Mahajan wrote:
> Hello Folks,
>
> We at OWASP Bangalore are planning on starting new series of sessions 
> called Break It and Fix It.
>
> The idea for now is to take up Top 10, cover the a vulnerable sample 
> application show the attack and then talk about ways to fix the code. 
> If everything goes well we shall start on the 20th of this month.
>
> As part of the recommendations and references at this point what 
> resources should we be highlighting?
>
> The reason to ask the question is that some of the guides are in the 
> process of being re-written and there was a discussion about flagship 
> proects etc.
>
> We have already done extensive coverage of
>
> 1. OWASP ZAP
> 2. OWASP Top 10 2010 and 2013
> 3. OWASP BWA
> 4. OWASP OWTF - Being covered in our meet on the 13th Dec
>
> We would like to do more with
> - The new Dev guide
> - ASVS Document
>
>
> Also, this sort of email is better for the chapters list or the 
> leaders list? I always get confused about that.
>
> Thank you.
>
> -- 
> Warm regards,
> Akash Mahajan
>
> /That Web Application Security Guy/ | +91 99 805 271 82
> akashm.com <http://akashm.com> | /@makash/ on twitter | 
> linkd.in/webappsecguy <http://linkd.in/webappsecguy>
> /OWASP Bangalore Chapter Lead | null Community Manager/
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141210/fa1cef39/attachment.html>


More information about the OWASP-Leaders mailing list