<div>Hi Akash,</div><div><br></div>+1 for OWASP SAMM, I would be happy to do a remote presentation to "Fix It".<br><br><div>kind regards<div>Seba<br><div><br></div></div></div><br><div class="gmail_quote">On Wed Dec 10 2014 at 4:24:28 PM Tobias <<a href="mailto:tobias.gondrom@owasp.org">tobias.gondrom@owasp.org</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div>Hello Akash, <br>
      <br>
      interesting theme idea Break it & Fix it. <br>
      The following is just some of my personal favourites at the moment
      within your theme context: <br>
      - Top-10 & Top-10 proactive controls<br>
      - Mobile Top-10 & Mobile proactive controls <br>
      - Personally, I also find worthwhile for "fix it" to look at
      Secure Coding best Practices Quick Reference Guide (Oh boy, we
      really need to come up with a shorter name for this...) <br>
      - And potentially openSAMM as a measure to ramp up your SDLC -
      again "fix it". <br>
      - and Cornucopia to spice up the threat assessment / requirements
      process part...<br>
      <br>
      Just my 2cents. <br>
      <br>
      Best, Tobias</div></div><div text="#000000" bgcolor="#FFFFFF"><div><br>
      <br>
      <br>
      <br>
      On 09/12/14 13:35, Akash Mahajan wrote:<br>
    </div></div><div text="#000000" bgcolor="#FFFFFF">
    <blockquote type="cite">
      <div dir="ltr">
        <div>
          <div>
            <div>
              <div>
                <div>
                  <div>
                    <div>
                      <div>
                        <div>Hello Folks, <br>
                          <br>
                          We at OWASP Bangalore are planning on starting
                          new series of sessions called Break It and Fix
                          It. <br>
                          <br>
                          The idea for now is to take up Top 10, cover
                          the a vulnerable sample application show the
                          attack and then talk about ways to fix the
                          code. If everything goes well we shall start
                          on the 20th of this month. <br>
                          <br>
                          As part of the recommendations and references
                          at this point what resources should we be
                          highlighting? <br>
                          <br>
                          The reason to ask the question is that some of
                          the guides are in the process of being
                          re-written and there was a discussion about
                          flagship proects etc. <br>
                          <br>
                        </div>
                        We have already done extensive coverage of<br>
                        <br>
                      </div>
                      1. OWASP ZAP<br>
                    </div>
                    2. OWASP Top 10 2010 and 2013<br>
                  </div>
                  <div>3. OWASP BWA <br>
                  </div>
                  4. OWASP OWTF - Being covered in our meet on the 13th
                  Dec<br>
                  <br>
                </div>
                We would like to do more with<br>
              </div>
              - The new Dev guide<br>
            </div>
            - ASVS Document<br>
            <br>
            <br>
          </div>
          Also, this sort of email is better for the chapters list or
          the leaders list? I always get confused about that. <br>
          <br>
        </div>
        Thank you. <br clear="all">
        <div>
          <div>
            <div>
              <div>
                <div>
                  <div>
                    <div>
                      <div>
                        <div>
                          <div>
                            <div><br>
                              -- <br>
                              <div>Warm regards,<br>
                                Akash Mahajan<br>
                                <br>
                                <i>That Web Application Security Guy</i>
                                | +91 99 805 271 82<br>
                                <a href="http://akashm.com" target="_blank">akashm.com</a> | <i>@makash</i>
                                on twitter | <a href="http://linkd.in/webappsecguy" target="_blank">linkd.in/webappsecguy</a><br>
                                <i>OWASP Bangalore Chapter Lead | null
                                  Community Manager</i><br>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
OWASP-Leaders mailing list
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
    </blockquote>
    <br>
  </div>

______________________________<u></u>_________________<br>
OWASP-Leaders mailing list<br>
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/<u></u>mailman/listinfo/owasp-leaders</a><br>
</blockquote></div>