[Owasp-leaders] Plan approach - help fix platforms devs use

Jim Manico jim.manico at owasp.org
Wed Nov 25 20:07:53 UTC 2015


Yep, shall we work on a project proposal?

https://www.owasp.org/index.php/Category:OWASP_Project#tab=Starting_a_New_Project

If you don't mind taking lead, I'll jump in and edit.

Aloha,
Jim


On 11/25/15 6:49 PM, Tim wrote:
> Great Jim, I appreciate it.  That makes 3, I think.  Should we set up
> a project officially then?
>
>
>> I'm in. Years ago Arshan D. built a software framework security
>> maturity model that we could leverage to help with portions of this
>> project. No need to start from scratch. ASVS can help inform us here
>> as well. The ESAPI interfaces can also help us in these efforts.
> Yeah, I'm sure there's a lot we can draw inspiration from.
>
>
>> I think a continuous effort over a year or more is necessary to
>> effect change. So when I say "I'm in" I don't say it lightly, Tim.
>> We're trying to change the world anyhow, right?
> Agreed, it will be a never ending battle to convince platform
> developers to make safer APIs.  I am optimistic that we can and will
> change how current APIs work, but there are always new platforms
> shooting up like weeds.
>
> tim

-- 
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org



More information about the OWASP-Leaders mailing list