[Owasp-leaders] Open for comments -- OWASP Automated Threats Handbook Update

Tin Zaw tin.zaw at owasp.org
Wed Oct 12 15:17:42 UTC 2016


All leaders,

I would like to open up for public comments on version 1.1 of OWASP
Automated Threats hand book that Colin and myself are working on. The
latest published version is 1.01 published about a year ago.

More information about the project can be found on the project wiki below.

https://www.owasp.org/index.php/OWASP_Automated_Threats_to_Web_Applications

And before you review, please let me make a few comments on additions and
modifications that we are working on.


   - We are adding more items to Possible Symptoms to each OAT (OWASP
   Automated Threat) in the book.
   - We are adding a new section called Countermeasures which contains
   description on Countermeasure Classes. Each countermeasure class is also
   marked with stage or phase in SDLC to apply, and type of mitigation it
   provides such as detection, prevention or recovery.
   - Each OAT will then be updated with applicable Countermeasure Class(es)
   with possible modifications unique to the OAT.

Please see the link below to comment. Anyone with the link can comment so
please feel free to share it to practitioners and colleagues in the
industry. We will close the review period on October 20.
https://docs.google.com/document/d/1QcULATjxEZLiAmMcNZC4LXwF1yVTEPL3N5IUfKhcRUQ/edit?usp=sharing

Please feel free to reach out to me or Colin if you have questions. We
thank you for your participation.

-- 
Tin Zaw
OWASP Volunteer
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw
AppSec California: https://2017.appseccalifornia.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20161012/e60ceedd/attachment.html>


More information about the OWASP-Leaders mailing list