[Owasp-leaders] [OWASP-chapters] Which OWASP Projects to highlight and talk more about?

Andrew van der Stock vanderaj at owasp.org
Tue Dec 23 05:18:49 UTC 2014


If you want any material on the DevGuide and ASVS, please just ask! :)

Andrew

On Sat, Dec 20, 2014 at 12:00 AM, Colin Watson <colin.watson at owasp.org>
wrote:

> Akash
>
> The Cornucopia project mailing list is the best place to ask questions
> and share experiences:
>
>    https://lists.owasp.org/mailman/listinfo/owasp_cornucopia
>
> The latest document on the wiki page has some more recent FAQs in it.
>
> Regards
>
> Colin
> OWASP Cornucopia project leader
> https://www.owasp.org/index.php/OWASP_Cornucopia
>
>
>
> On 17 December 2014 at 09:08, Tobias <tobias.gondrom at owasp.org> wrote:
> > Cornucopia is a threat modeling card game.
> > The project page is on our wiki.
> > You can also get the card deck as merchandise from our global team.
> > We played a round of Cornucopia last year in London and I find it
> > interesting and a potentially good way to improve threat modelling
> sessions
> > that otherwise can be quite an uphill battle against disinterested
> > developers... ;-)
> >
> > For further questions, maybe check with Colin. (I cc'ed him on the
> email).
> >
> > Best, Tobias
> >
> >
> > On 12/12/14 13:20, Akash Mahajan wrote:
> >
> > Hi Tobias,
> >
> > Thank you for the extensive list of things we can take up.
> >
> > Out of these, I wasn't aware of Cornucopia before. Could you please tell
> me
> > more how we can use it in a meet? (I was reading about it and it seems
> like
> > a card game)
> >
> > On 10 December 2014 at 20:52, Tobias <tobias.gondrom at owasp.org> wrote:
> >>
> >> Hello Akash,
> >>
> >> interesting theme idea Break it & Fix it.
> >> The following is just some of my personal favourites at the moment
> within
> >> your theme context:
> >> - Top-10 & Top-10 proactive controls
> >> - Mobile Top-10 & Mobile proactive controls
> >> - Personally, I also find worthwhile for "fix it" to look at Secure
> Coding
> >> best Practices Quick Reference Guide (Oh boy, we really need to come up
> with
> >> a shorter name for this...)
> >> - And potentially openSAMM as a measure to ramp up your SDLC - again
> "fix
> >> it".
> >> - and Cornucopia to spice up the threat assessment / requirements
> process
> >> part...
> >>
> >> Just my 2cents.
> >>
> >> Best, Tobias
> >>
> >>
> >>
> >>
> >> On 09/12/14 13:35, Akash Mahajan wrote:
> >>
> >> Hello Folks,
> >>
> >> We at OWASP Bangalore are planning on starting new series of sessions
> >> called Break It and Fix It.
> >>
> >> The idea for now is to take up Top 10, cover the a vulnerable sample
> >> application show the attack and then talk about ways to fix the code. If
> >> everything goes well we shall start on the 20th of this month.
> >>
> >> As part of the recommendations and references at this point what
> resources
> >> should we be highlighting?
> >>
> >> The reason to ask the question is that some of the guides are in the
> >> process of being re-written and there was a discussion about flagship
> >> proects etc.
> >>
> >> We have already done extensive coverage of
> >>
> >> 1. OWASP ZAP
> >> 2. OWASP Top 10 2010 and 2013
> >> 3. OWASP BWA
> >> 4. OWASP OWTF - Being covered in our meet on the 13th Dec
> >>
> >> We would like to do more with
> >> - The new Dev guide
> >> - ASVS Document
> >>
> >>
> >> Also, this sort of email is better for the chapters list or the leaders
> >> list? I always get confused about that.
> >>
> >> Thank you.
> >>
> >> --
> >> Warm regards,
> >> Akash Mahajan
> >>
> >> That Web Application Security Guy | +91 99 805 271 82
> >> akashm.com | @makash on twitter | linkd.in/webappsecguy
> >> OWASP Bangalore Chapter Lead | null Community Manager
> >>
> >>
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >>
> >>
> >
> >
> >
> > --
> > Warm regards,
> > Akash Mahajan
> >
> > That Web Application Security Guy | +91 99 805 271 82
> > akashm.com | @makash on twitter | linkd.in/webappsecguy
> > OWASP Bangalore Chapter Lead | null Community Manager
> >
> >
> _______________________________________________
> Owasp-chapters mailing list
> Owasp-chapters at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141223/66e35178/attachment.html>


More information about the OWASP-Leaders mailing list