[Owasp-testing] Flagship Project Status

Christian Heinrich christian.heinrich at cmlh.id.au
Sun Jun 1 01:38:41 UTC 2014


I note that you have removed the listing of the OWASP Testing Guide as
a Flagship Project without telling the Project Leaders beforehand i.e.
http://lists.owasp.org/pipermail/owasp-board/2014-May/013789.html ?

Based on your own admission to me that your agenda and ulterior motive
is nothing more than to attack Aspect Security as a disgruntled former
employee and to remove the competition of ESAPI to your own alternate
OWASP project (which in my opinion is a conflict of interest for an
OWASP Board Member) As far as I am aware the Testing Guide has little
to do with Aspect Security, aside from their Risk Rating Methodology
which I believe will not included in the upcoming v4 release.

It should be noted that you also protested my removal of the OWASP
Risk Rating Methodology from the Testing Guide because in my own
experience in dealing with you I hold the opinion that your a

I will also remind the OWASP Board of
the fact that everyone considered it poor conduct to inflict on a
volunteer to remove my from both the OWASP Leaders List and mark by
Project without notice or supporting evidence for that matter.  I do
not want to see this happen to other Project Leaders who volunteer to
support OWASP.

Since the next release of the OWASP Testing Guide is imminent, can I
request that this project maintain its Flagship Status?  If not, can
the OWASP Project Reviewer(s) please indicate what the OWASP Testing
Guide lack to maintain their flagship status?

I urge you to reconsider this poor decision.

Christian Heinrich


More information about the Owasp-testing mailing list