[OWASP-TESTING] final draft of the outline

Simon Roses Femerling sroses at itdeusto.com
Thu May 5 06:21:57 EDT 2005


That would be great :)

I feel providing direction tips on this arena is important.

Simon Roses Femerling
Consultor en Seguridad / IT Security Consultant
IT Deusto
http://www.itdeusto.com
Madrid, Spain
----- Original Message ----- 
From: "Daniel" <daniel.cuthbert at owasp.org>
To: <owasp-testing at lists.sourceforge.net>
Sent: Thursday, May 05, 2005 10:48 AM
Subject: RE: [OWASP-TESTING] final draft of the outline


> Ok, a small section detailing what an average test should take to complete
> as well as deliverables maybe?
>
> maybe a good way to go is to help people out there distinguish from the
> cowboys offering app testing to the companies/individuals who actually do
> the job correctly
>
>
> Revelli Alberto said:
> > Cost in $$$ can be very fluctuating, I agree.
> > But as long as we stick to a rough estimate in (number_of_testers *
> > test_days), I believe that a few hints could be quite helpful.
> >
> > A.
> >
> >
> > -----Original Message-----
> > From: owasp-testing-admin at lists.sourceforge.net on behalf of Daniel
> > Sent: Wed 5/4/2005 4:55 PM
> > To: owasp-testing at lists.sourceforge.net
> > Subject: Re: [OWASP-TESTING] final draft of the outline
> >
> > I'd like to stay away from the cost factor, as the cost is constantly
> > changing (example, here in the UK, the day rate changes between 1000
> > pounds to 1400 pounds, depending on whom you are dealing with)
> >
> >
> >
> >
> > Simon Roses Femerling said:
> >> Hi all,
> >>
> >> What about cost, project estimation, etc.. ?
> >>
> >> IMO the document should also provide some directions about this matter.
> >> or
> >> is this subject more relevant to
> >> Phase One doc. I know this domain is so vast and dynamic (web servers,
> >> aplication servers, etc..) that is hard to estimate.
> >>
> >> I believe something like OSSTM "Rule of Thumb" would be nice for WAVA,
> >> btw
> >> nice word :)
> >>
> >> Some directions about this subject can be of some benefits, as security
> >> pros
> >> can provide customers with
> >> "real" estimations and customers can get an idea of what to expect of
> >> the
> >> engagement.
> >>
> >> Take care,
> >>
> >> Simon Roses Femerling
> >> Consultor en Seguridad / IT Security Consultant
> >> IT Deusto
> >> http://www.itdeusto.com
> >> Madrid, Spain
> >> ----- Original Message -----
> >> From: "Daniel Cuthbert" <daniel.cuthbert at owasp.org>
> >> To: <owasp-testing at lists.sourceforge.net>
> >> Sent: Wednesday, May 04, 2005 2:06 AM
> >> Subject: [OWASP-TESTING] final draft of the outline
> >>
> >>
> >>> hey all,
> >>>
> >>> Attached is, what i feel, the final draft of the initial outline.
> >>> If everyone is happy with what is included, i'll spend the remainder
> >>> of this week creating the sections in which everyone can choose their
> >>> chosen topic.
> >>>
> >>> Obviously the basic penetration testing tips caused an interesting
> >>> discussion, i'll have a think about the future of them within the
> >>> testing guide.
> >>>
> >>> Look forward to your feedback
> >>>
> >>> Daniel
> >>>
> >>>
> >>
> >>
> >>
> >
> >
> > Daniel
> >
> >
> > -------------------------------------------------------
> > This SF.Net email is sponsored by: NEC IT Guy Games.
> > Get your fingers limbered up and give it your best shot. 4 great events,
4
> > opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
> > win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
> > _______________________________________________
> > owasp-testing mailing list
> > owasp-testing at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/owasp-testing
> >
> >
> >
> >
> > -------------------------------------------------------
> > This SF.Net email is sponsored by: NEC IT Guy Games.
> > Get your fingers limbered up and give it your best shot. 4 great events,
4
> > opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
> > win an NEC 61 plasma display. Visit http://www.necitguy.com/?r
> > _______________________________________________
> > owasp-testing mailing list
> > owasp-testing at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/owasp-testing
> >
>
>
> Daniel
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: NEC IT Guy Games.
> Get your fingers limbered up and give it your best shot. 4 great events, 4
> opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
> win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing
>






More information about the Owasp-testing mailing list