[Owasp-leaders] Announcing New Project - Web Hacking Incidents Database (WHID) Project
ryan.barnett at owasp.org
Tue Feb 18 21:31:36 UTC 2014
Absolutely! I would love to come up with cooler ways to slice/dice this
data to extract useful intel :)
Ideas are welcome.
From: Jason Johnson <jason.johnson at owasp.org>
Date: Tuesday, February 18, 2014 4:29 PM
To: Abbas Naderi <abiusx at owasp.org>
Cc: Ryan Barnett <ryan.barnett at owasp.org>, OWASP Leaders
<owasp-leaders at lists.owasp.org>
Subject: Re: [Owasp-leaders] Announcing New Project - Web Hacking Incidents
Database (WHID) Project
> Wow you could add a threat matrix to this like a level of Risk. Then trend
> this stuff.
> Jason Johnson
> Oklahoma City, OK
> On Feb 18, 2014 3:15 PM, "Abbas Naderi" <abiusx at owasp.org> wrote:
>> Is there a separate website? Where do you maintain the list and data?
>> Notice: This message is digitally signed, its source and integrity are
>> If you mail client does not support S/MIME verification, it will display a
>> file (smime.p7s), which includes the X.509 certificate and the signature
>> body. Read more at Certified E-Mail with Comodo and Thunderbird
>> <http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>> AbiusX.com <http://AbiusX.com>
>> On Feb 18, 2014, at 4:09 PM, Jason Johnson <jason.johnson at owasp.org> wrote:
>>> Ohhh I like this how can one enter attacks? What is considered an attack. I
>>> would like to build some active graphs from the data.
>>> Jason Johnson
>>> Oklahoma City, OK
>>> On Feb 18, 2014 2:22 PM, "Ryan Barnett" <ryan.barnett at owasp.org> wrote:
>>>> FYI we have just successfully setup the new project page here -
>>>> This is a joint project between OWASP/WASC. The main motivations for
>>>> joining this project with OWASP were:
>>>> 1. Gain better visibility for the project. WHID can be used in future
>>>> OWASP Top 10 discussions to help provide "Attack Liklihood" information.
>>>> 2. To help solicit community help with adding entries. I have heard many
>>>> people say that they reference WHID and that is serves a valueable service.
>>>> The issue is that it is currently a "Ryan Barnett" project as I am the only
>>>> one adding entries I need help. Fortunately, I already got word from
>>>> Jerry Hoff that he in interested in helping (Thanks Jerry!). If anyone
>>>> else would like to help, please let me know.
>>>> Let me know if you have any questions about the project.
>>>> Ryan Barnett
>>>> OWASP ModSecurity CRS Project Leader
>>>> OWASP WHID Project Leader
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders