[Owasp-leaders] Plan approach - help fix platforms devs use

johanna curiel curiel johanna.curiel at owasp.org
Mon Nov 23 17:39:01 UTC 2015


Hi Tim

Based on your last email
http://lists.owasp.org/pipermail/owasp-leaders/2015-November/015507.html

You mentioned: "The changes can be simple and subtle, but we have to
convince the owners of those platforms to do it"

I think we should set a concrete plan here. How can we achieve this?

You said"* I have some ideas on that, but I **think it is going to require
a significant initiative that I can't Tale on alone.  Does this resonate
with anyone?*

Yes we could indeed, I'm willing to support this one. "*It should be easy
enough to approach smaller projects and frameworks, but in order to make
the most difference, I think we need to engage the ***big* development
platform maintainers.* "

Agree and for that purpose I think we can organise and invite everyone to a
webinar, virtual meeting to begin with and grow this into a more serious
meeting. We need to identify the Project managers/leaders at this
frameworks projects.

I like in small and realistic steps so we could begin inviting small
framework leaders to a webinar meeting such as

   - NodeJS==> this one is relative new in the scene but growing and full
   of security issues
   - MongoDB==>same
   - Fill in here

Lets try to start small with small framers but definitely quite important
in the way they are being used now

Regards

Johanna
-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151123/04091438/attachment.html>


More information about the OWASP-Leaders mailing list