[Owasp-leaders] Announcing New Project - Web Hacking Incidents Database (WHID) Project

Ryan Barnett ryan.barnett at owasp.org
Tue Feb 18 21:31:36 UTC 2014


Absolutely!  I would love to come up with cooler ways to slice/dice this
data to extract useful intel :)

Ideas are welcome.

-Ryan

From:  Jason Johnson <jason.johnson at owasp.org>
Date:  Tuesday, February 18, 2014 4:29 PM
To:  Abbas Naderi <abiusx at owasp.org>
Cc:  Ryan Barnett <ryan.barnett at owasp.org>, OWASP Leaders
<owasp-leaders at lists.owasp.org>
Subject:  Re: [Owasp-leaders] Announcing New Project - Web Hacking Incidents
Database (WHID) Project

> 
> Wow you could add a threat matrix to this like a level of Risk. Then trend
> this stuff.
> Jason Johnson
> OWASP
> Oklahoma City, OK
> On Feb 18, 2014 3:15 PM, "Abbas Naderi" <abiusx at owasp.org> wrote:
>> Is there a separate website? Where do you maintain the list and data?
>> -A
>> ______________________________________________________________
>> Notice: This message is digitally signed, its source and integrity are
>> verifiable.
>> If you mail client does not support S/MIME verification, it will display a
>> file (smime.p7s), which includes the X.509 certificate and the signature
>> body.  Read more at Certified E-Mail with Comodo and Thunderbird
>> <http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/>  in
>> AbiusX.com <http://AbiusX.com>
>> 
>> On Feb 18, 2014, at 4:09 PM, Jason Johnson <jason.johnson at owasp.org> wrote:
>> 
>>> 
>>> Ohhh I like this how can one enter attacks? What is considered an attack. I
>>> would like to build some active graphs from the data.
>>> 
>>> Jason Johnson
>>> OWASP
>>> Oklahoma City, OK
>>> On Feb 18, 2014 2:22 PM, "Ryan Barnett" <ryan.barnett at owasp.org> wrote:
>>>> FYI ­ we have just successfully setup the new project page here -
>>>> https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_P
>>>> roject
>>>> 
>>>> This is a joint project between OWASP/WASC.  The main motivations for
>>>> joining this project with OWASP were:
>>>> 1. Gain better visibility for the project.  WHID can be used in future
>>>> OWASP Top 10 discussions to help provide "Attack Liklihood" information.
>>>> 2. To help solicit community help with adding entries.  I have heard many
>>>> people say that they reference WHID and that is serves a valueable service.
>>>> The issue is that it is currently a "Ryan Barnett" project as I am the only
>>>> one adding entriesŠ I need help.  Fortunately, I already got word from
>>>> Jerry Hoff that he in interested in helping (Thanks Jerry!).  If anyone
>>>> else would like to help, please let me know.
>>>> Let me know if you have any questions about the project.
>>>> 
>>>> -- 
>>>> Ryan Barnett
>>>> OWASP ModSecurity CRS Project Leader
>>>> OWASP WHID Project Leader
>>>> 
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140218/8052a00f/attachment-0001.html>


More information about the OWASP-Leaders mailing list