[Owasp-leaders] Which OWASP Projects to highlight and talk more about?

Akash Mahajan akash.mahajan at owasp.org
Fri Dec 12 04:20:55 UTC 2014


Hi Tobias,

Thank you for the extensive list of things we can take up.

Out of these, I wasn't aware of Cornucopia before. Could you please tell me
more how we can use it in a meet? (I was reading about it and it seems like
a card game)

On 10 December 2014 at 20:52, Tobias <tobias.gondrom at owasp.org> wrote:

>  Hello Akash,
>
> interesting theme idea Break it & Fix it.
> The following is just some of my personal favourites at the moment within
> your theme context:
> - Top-10 & Top-10 proactive controls
> - Mobile Top-10 & Mobile proactive controls
> - Personally, I also find worthwhile for "fix it" to look at Secure Coding
> best Practices Quick Reference Guide (Oh boy, we really need to come up
> with a shorter name for this...)
> - And potentially openSAMM as a measure to ramp up your SDLC - again "fix
> it".
> - and Cornucopia to spice up the threat assessment / requirements process
> part...
>
> Just my 2cents.
>
> Best, Tobias
>
>
>
>
> On 09/12/14 13:35, Akash Mahajan wrote:
>
>      Hello Folks,
>
> We at OWASP Bangalore are planning on starting new series of sessions
> called Break It and Fix It.
>
> The idea for now is to take up Top 10, cover the a vulnerable sample
> application show the attack and then talk about ways to fix the code. If
> everything goes well we shall start on the 20th of this month.
>
> As part of the recommendations and references at this point what resources
> should we be highlighting?
>
> The reason to ask the question is that some of the guides are in the
> process of being re-written and there was a discussion about flagship
> proects etc.
>
>  We have already done extensive coverage of
>
>  1. OWASP ZAP
>  2. OWASP Top 10 2010 and 2013
>  3. OWASP BWA
>  4. OWASP OWTF - Being covered in our meet on the 13th Dec
>
>  We would like to do more with
>  - The new Dev guide
>  - ASVS Document
>
>
>  Also, this sort of email is better for the chapters list or the leaders
> list? I always get confused about that.
>
>  Thank you.
>
> --
> Warm regards,
> Akash Mahajan
>
> *That Web Application Security Guy* | +91 99 805 271 82
> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
> *OWASP Bangalore Chapter Lead | null Community Manager*
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>


-- 
Warm regards,
Akash Mahajan

*That Web Application Security Guy* | +91 99 805 271 82
akashm.com | *@makash* on twitter | linkd.in/webappsecguy
*OWASP Bangalore Chapter Lead | null Community Manager*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141212/4d563780/attachment-0001.html>


More information about the OWASP-Leaders mailing list