[Owasp-leaders] [Owasp-testing] Public release of the OWASP TESTING GUIDE v4

Hugo Costa hugo.costa at owasp.org
Sun Sep 28 16:14:29 UTC 2014


Hello everyone,
Regarding Lulu, I've come to learn that the way it works is pretty simple.
I only nerd to uplado a PDF with the cover anda another onde with te
content. The final price, I think, must be determined though there is
intormation on the cost per book e depending in the type of paper, number
of pages, etc...
Em 28/09/2014 17:09, "Dimitri Fousekis" <dimitri at bitcrack.net> escreveu:

>  English is not only my first language but I do review security
> documentation for grammar and “sense” as part of my day job as well, so I
> don’t mind giving it a detailed overview and highlighting what should be
> changed, if anything?
>
>  If so let me know, and whether you would like me to make notes on a
> separate document or do you have it in Word so I can track changes?
>
>  Regards,
>
>  Dimitri
>
>
>   From: Tomas Zatko <tomas.zatko at citadelo.com>
> Date: Sunday 28 September 2014 at 5:58 PM
> To: Jim Manico <jim.manico at owasp.org>
> Cc: Hugo Costa <hugo.costa at owasp.org>, "owasp-leaders at lists.owasp.org" <
> owasp-leaders at lists.owasp.org>, owasp-testing <
> owasp-testing at lists.owasp.org>
> Subject: Re: [Owasp-testing] [Owasp-leaders] Public release of the OWASP
> TESTING GUIDE v4
>
>   This is very good idea. I agree.
>
>   --
> Tomas Zatko, CISSP, CEH
>  http://www.citadelo.com
>
>  On 28 Sep 2014, at 17:47, Jim Manico <jim.manico at owasp.org> wrote:
>
>  My suggestion is that we hire a professional to grammar-edit all of our
> primary documents like the testing guide. Such services are very reasonable
> in cost.
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Sep 28, 2014, at 8:43 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>
>  I've read it over the last few weeks. There are some typos still there.
> Before going to print shall we perform one more peer review?
>
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 28 Sep 2014, at 16:30, Ryan Dewhurst <ryandewhurst at gmail.com> wrote:
>
>  Any news on a paperback version? (from lulu.com?)
>
> On Wed, Sep 24, 2014 at 8:20 PM, Matteo Meucci <matteo.meucci at owasp.org>
> wrote:
>
>> Hi all,
>> thanks to the fantastic job of Hugo we just upload an updated version of
>> the Guide.
>>
>> You can download it here:
>> https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf
>>
>> And it is accessible from here:
>> http://www.owasp.org/index.php/OWASP_Testing_Project
>> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
>>
>>
>> Thanks!
>> Mat
>>
>>
>> On 17/09/2014 17:03, Andrew Muller wrote:
>> > Folks,
>> >   OWASP is proud to announce the public release of the OWASP Testing
>> > Guide version 4.
>> > As a rich and diverse security community we should be proud of the
>> > achievement and we'd like to thank and congratulate everyone that
>> > authored or reviewed the Guide.
>> > You'll notice several changes between v3 and v4. Some sections have been
>> > renamed, removed or reworked, but overall the OWASP Testing Guide
>> > version 4 improves on
>> > version 3 in three ways:
>> >
>> > *1.* This version of the Testing Guide integrates with the two other
>> > flagship OWASP documentation products: the Developers Guide and the Code
>> > Review Guide. To achieve this we aligned the testing categories and test
>> > numbering with those in other OWASP products. The objective of the
>> > Testing and Code Review Guides is to evaluate the security controls
>> > described by the Developers Guide.
>> >
>> > *2.* All chapters have been improved and test cases expanded to 87 (64
>> > test cases in v3) including the introduction of four new chapters and
>> > controls:
>> > - Identity Management Testing
>> > - Error Handling
>> > - Cryptography
>> > - Client Side Testing
>> >
>> > *3.* This version of the Testing Guide encourages the community not to
>> > simply accept the test cases outlined in this guide. We encourage
>> > security testers to integrate with other software testers and devise
>> > test cases specific to the target application. As we find test cases
>> > that have wider applicability we encourage the security testing
>> > community to share them and contribute them to the Testing Guide. This
>> > will continue to build the application security body of knowledge and
>> > allow the development of the Testing Guide to be an iterative rather
>> > than monolithic process.
>> >
>> >
>> > As we continue to improve our tools and documentation, we'd like to ask
>> > you to support OWASP to reach the following goals:
>> >
>> >   *Continuously improve the guide*.
>> > The Guide is a "live" document: we always need your feedback! Tell us
>> > what you love. Tell us what you love less.
>> > Please join our testing mailing list and share your ideas:
>> > http://lists.owasp.org/mailman/listinfo/owasp-testing
>> > <http://lists.owasp.org/mailman/listinfo/owasp-testing>
>> >
>> >   *Promote the Testing Guide*.
>> > We would like to have some more media coverage on the Guide, so please,
>> > if you know somebody that can help please put them in touch with us.
>> > If you have the chance, you can write an article about the Testing Guide
>> > and other new OWASP Projects.
>> >
>> >   *Add 'quotes' to the Guide*.
>> > We made a special 'quotes' pages for the Testing Guide.
>> > Here we'd link you to add comments and references to the Guide.
>> > http://www.owasp.org/index.php/OWASP_Testing_Guide_Quotes
>> > <http://www.owasp.org/index.php/OWASP_Testing_Guide_Quotes>
>> >
>> > The OWASP Testing Guide includes a "best practice" penetration testing
>> > framework which users can implement in their own organizations and a
>> > "low level" penetration testing guide that describes techniques for
>> > testing most common web application and web service security issues.
>> >
>> > Download or browse the Guide now from:
>> >
>> > - https://www.owasp.org/images/1/19/OTGv4.pdf
>> >
>> > -
>> >
>> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
>> > <
>> https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents>
>> >
>> >
>> > regards,
>> > ____________________
>> > *Andrew Muller*
>> > Canberra OWASP Chapter Leader
>> > OWASP Testing Guide Co-Leader
>>
>>  -
>> _______________________________________________
>> Owasp-testing mailing list
>> Owasp-testing at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-testing
>>
>
>  _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>
>  _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140928/c5845ef0/attachment.html>


More information about the OWASP-Leaders mailing list