[Owasp-testing] [Owasp-leaders] Public release of the OWASP TESTING GUIDE v4

Pavol Luptak pavol.luptak at nethemba.com
Sun Sep 28 18:22:31 UTC 2014


Check http://grammarly.com/, they offer professional correctors.

On Sun, Sep 28, 2014 at 05:58:01PM +0200, Tomas Zatko wrote:
>    This is very good idea. I agree.
> 
>    -- 
>    Tomas Zatko, CISSP, CEH
>    http://www.citadelo.com
>    On 28 Sep 2014, at 17:47, Jim Manico <jim.manico at owasp.org> wrote:
> 
>      My suggestion is that we hire a professional to grammar-edit all of our
>      primary documents like the testing guide. Such services are very
>      reasonable in cost.
> 
>      --
>      Jim Manico
>      @Manicode
>      (808) 652-3805
>      On Sep 28, 2014, at 8:43 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
> 
>        I've read it over the last few weeks. There are some typos still
>        there. Before going to print shall we perform one more peer review?
> 
>        Eoin Keary
>        Owasp Global Board
>        +353 87 977 2988
>        On 28 Sep 2014, at 16:30, Ryan Dewhurst <ryandewhurst at gmail.com>
>        wrote:
> 
>          Any news on a paperback version? (from lulu.com?)
>          On Wed, Sep 24, 2014 at 8:20 PM, Matteo
>          Meucci <matteo.meucci at owasp.org> wrote:
> 
>            Hi all,
>            thanks to the fantastic job of Hugo we just upload an updated
>            version of
>            the Guide.
> 
>            You can download it here:
>            https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf
> 
>            And it is accessible from here:
>            http://www.owasp.org/index.php/OWASP_Testing_Project
>            https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
> 
>            Thanks!
>            Mat
> 
>            On 17/09/2014 17:03, Andrew Muller wrote:
>            > Folks,
>            >   OWASP is proud to announce the public release of the OWASP
>            Testing
>            > Guide version 4.
>            > As a rich and diverse security community we should be proud of
>            the
>            > achievement and we'd like to thank and congratulate everyone
>            that
>            > authored or reviewed the Guide.
>            > You'll notice several changes between v3 and v4. Some sections
>            have been
>            > renamed, removed or reworked, but overall the OWASP Testing
>            Guide
>            > version 4 improves on
>            > version 3 in three ways:
>            >
>            > *1.* This version of the Testing Guide integrates with the two
>            other
>            > flagship OWASP documentation products: the Developers Guide and
>            the Code
>            > Review Guide. To achieve this we aligned the testing categories
>            and test
>            > numbering with those in other OWASP products. The objective of
>            the
>            > Testing and Code Review Guides is to evaluate the security
>            controls
>            > described by the Developers Guide.
>            >
>            > *2.* All chapters have been improved and test cases expanded to
>            87 (64
>            > test cases in v3) including the introduction of four new
>            chapters and
>            > controls:
>            > - Identity Management Testing
>            > - Error Handling
>            > - Cryptography
>            > - Client Side Testing
>            >
>            > *3.* This version of the Testing Guide encourages the community
>            not to
>            > simply accept the test cases outlined in this guide. We
>            encourage
>            > security testers to integrate with other software testers and
>            devise
>            > test cases specific to the target application. As we find test
>            cases
>            > that have wider applicability we encourage the security testing
>            > community to share them and contribute them to the Testing
>            Guide. This
>            > will continue to build the application security body of
>            knowledge and
>            > allow the development of the Testing Guide to be an iterative
>            rather
>            > than monolithic process.
>            >
>            >
>            > As we continue to improve our tools and documentation, we'd like
>            to ask
>            > you to support OWASP to reach the following goals:
>            >
>            >   *Continuously improve the guide*.
>            > The Guide is a "live" document: we always need your feedback!
>            Tell us
>            > what you love. Tell us what you love less.
>            > Please join our testing mailing list and share your ideas:
>            > http://lists.owasp.org/mailman/listinfo/owasp-testing
>            > <http://lists.owasp.org/mailman/listinfo/owasp-testing>
>            >
>            >   *Promote the Testing Guide*.
>            > We would like to have some more media coverage on the Guide, so
>            please,
>            > if you know somebody that can help please put them in touch with
>            us.
>            > If you have the chance, you can write an article about the
>            Testing Guide
>            > and other new OWASP Projects.
>            >
>            >   *Add 'quotes' to the Guide*.
>            > We made a special 'quotes' pages for the Testing Guide.
>            > Here we'd link you to add comments and references to the Guide.
>            > http://www.owasp.org/index.php/OWASP_Testing_Guide_Quotes
>            > <http://www.owasp.org/index.php/OWASP_Testing_Guide_Quotes>
>            >
>            > The OWASP Testing Guide includes a "best practice" penetration
>            testing
>            > framework which users can implement in their own organizations
>            and a
>            > "low level" penetration testing guide that describes techniques
>            for
>            > testing most common web application and web service security
>            issues.
>            >
>            > Download or browse the Guide now from:
>            >
>            > - https://www.owasp.org/images/1/19/OTGv4.pdf
>            >
>            > -
>            > https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
>            >
>            <https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents>
>            >
>            >
>            > regards,
>            > ____________________
>            > *Andrew Muller*
>            > Canberra OWASP Chapter Leader
>            > OWASP Testing Guide Co-Leader
> 
>            -
>            _______________________________________________
>            Owasp-testing mailing list
>            Owasp-testing at lists.owasp.org
>            https://lists.owasp.org/mailman/listinfo/owasp-testing
> 
>          _______________________________________________
>          Owasp-testing mailing list
>          Owasp-testing at lists.owasp.org
>          https://lists.owasp.org/mailman/listinfo/owasp-testing
> 
>        _______________________________________________
>        OWASP-Leaders mailing list
>        OWASP-Leaders at lists.owasp.org
>        https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
>      _______________________________________________
>      Owasp-testing mailing list
>      Owasp-testing at lists.owasp.org
>      https://lists.owasp.org/mailman/listinfo/owasp-testing



> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing


-- 
Pavol Luptak, CISSP, CEH
OWASP Slovakia chapter leader
http://www.owasp.org/index.php/Slovakia
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4812 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20140928/592fef8f/attachment.bin>


More information about the Owasp-testing mailing list