[Owasp-leaders] Misunderstanding in Media about OWASP projects

johanna curiel curiel johanna.curiel at owasp.org
Sun May 14 11:00:07 UTC 2017


The article on DarkReading states:

*"OWASP is now stating that companies need to have some sort of WAF or RASP
technology to detect, respond, and patch. This is going to be a
controversial one as it's a mitigation to a vulnerability and not a
vulnerability in itself,"*

*This statement is wrong.*

Please, is not OWASP as foundation saying this. Project leaders are
autonomous on deciding how to manage their projects, OWASP  foundation only
supervises that Project leaders behave within a code of conduct and
guidelines.

OWASP is a community and stands for OPEN  therefore if you do not agree
with something JOIN US and come discuss it. You have as a contributor all
the power to influence the outcome of every single project and the Top 10
is one of them

Join the discussion and the list, even better , come to the OWASP SUMMIT
2017 in London
http://owaspsummit.org/Working-Sessions/Owasp-Top-10-2017/Data-behind-OWASP-Top-10-2017.html


where Dave & Team will be there to discuss more about it

http://www.darkreading.com/application-security/owasp-top-10-update-long-overdue-or-same-old-same-old/d/d-id/1328608?piddl_msgid=326967#msg_326967
-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170514/ab66121a/attachment-0001.html>


More information about the OWASP-Leaders mailing list