[OWASP-TESTING] FW: OWASP Testing, part 1 - comments

Daniel Daniel at deeper.co.za
Tue Oct 19 09:20:47 EDT 2004


it just shows that no matter how much you look at a doc, there are still
blatant errors which the human eye overlooks.

fixed the minor issues, still outstanding:

page 11: the OCTAVE...
page 16: true, not sure why it seems so short
page 26: it should, but why wasnt it?



> A few (marginal) comments below.
> Congrats for the good doc.
>
> Mauro
>
>
> - page 11, regarding the statement
>   'The primary issue with OCTAVE is its use of
> likelihood = 1, or
>   “all risks are equally risky”', I believe it is not
> entirely true;
>   at least, OCTAVE-S (OCTAVE's tailored version for
>   smaller enterprises) provides the means for
> describing the likelihood of
>   future occurrences of a threat (as well as recording
> how often it occurred
>   in the past), i.e. defining probabilities.
>   If I remember correctly, in OCTAVE probabilities are
> an optional feature.
>
> - typo on page 12, should be "if you want to know
> what’s really going on,
>   go straight to the source” instead of "...to
> straight to the source".
> - typo on page 12, should be "or is supposed to be
> happening" instead of
>   ...suppose
> - typo on page 12, should be "Can miss calls to issues
> in compiled libraries"
>   instead of "can missed..."
> - typo on page 16, should be "as" instead of "aw"
>
> - page 16 seems to be incomplete... (isn't it?
>
> - page 26 Figure "Typical SDLC Testing Workflow".
> Shouldn't it include
>   (in the development, deployment sections)
>   test activities to validate the artifact being built
> against functional and
>   non-functional requirements? (the real test cases...
> including
>   acceptance tests if needed after deployment)
>
>
>
>
> _______________________________
> Do you Yahoo!?
> Declare Yourself - Register online to vote today!
> http://vote.yahoo.com
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: the owasp testing project1 - daniel edits.doc
Type: application/msword
Size: 477184 bytes
Desc: not available
Url : http://lists.owasp.org/pipermail/owasp-testing/attachments/20041019/23f32a39/attachment.doc 


More information about the Owasp-testing mailing list