[Owasp-leaders] Getting started in AppSec
Timur 'x' Khrotko (owasp)
timur at owasp.org
Mon Oct 20 16:49:18 UTC 2014
On Oct 20, 2014 6:38 PM, "psiinon" <psiinon at gmail.com> wrote:
> This thread got me thinking:
> Just pointing people at the Testing Guide isnt really that helpful (as I
> did, sorry!).
> We have a Getting Started
> <https://www.owasp.org/index.php/Getting_Started> page, but its not
> exactly a simple starting point.
> Jim started a related twitter thread that I thought was very interesting:
> So ... can we come up with a simple '5 point plan' (or whatever) for
> people who are just starting out in appsec?
> So I'm thinking about people on the development side of the business -
> could be developers, team leaders or lower -> middle management.
> They develop software, and they know they dont know enough about security.
> What should their first steps be?
> Maybe we can (should?) get this down to infographic levels - think that
> simple (at a high level, the devil will always be in the detail).
> I'd be very happy to be involved in something like this, but I dont think
> I should lead it:
> 1. I dont have the time
> 2. It could end up being "Use ZAP for almost everything";)
> Or have we already got an ideal initial introduction that I'm not aware of?
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
This message may contain confidential information - you should handle it
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders