[Owasp-leaders] Instead of OWASP libraries, why don't we ...

Tim tim.morgan at owasp.org
Sat Nov 21 23:37:11 UTC 2015


> Hi everyone, All sound like good concepts to me. Is it possible to have
> both, somehow integrated into best of both (or all) worlds, instead of
> either / or scenarios only? Best wishes, Bev

It's definitely not an either-or proposition I'm making.  It's just
that I've come to realize that we're missing a large segment of
developers entirely.  Not only are we missing them, but no matter how
hard we try to reach those green developers directly, there will
always be new developers entering the profession and writing code long
before they even consider security or hear of OWASP.  That's the
segment of the developer population I think we need to put more
resources toward, but other developer groups are perhaps better served
in other ways.

Does that help clarify?
tim


More information about the OWASP-Leaders mailing list