[Owasp-testing] Repeated paragraph in PDF of OWASP Testing Guide v4

Tom Brennan - OWASP tomb at owasp.org
Fri Oct 31 15:04:06 UTC 2014


Good catch!


On Fri, Oct 31, 2014 at 10:38 AM, Hookings, Stephen <
stephen.hookings at sap.com> wrote:

>  Hi all
>
>
>
> New to list so apologies if there is an errata section I should have
> checked.
>
>
>
> Firstly I really like the guide. I am co-lead on Security Testing Strategy
> in SAP and we will certainly be using this info to educate our development
> teams.
>
> I am also liking the ASVS too.
>
>
>
> On PDF page 11/224 of OWASP_Testing_Guide_v4.pdf, top right 2nd column:
>
>
>
> For example, in June 2002, the US National Institute of Standards
>
> (NIST) published a survey on the cost of insecure software to the US
>
> economy due to inadequate software testing [3]. Interestingly, they
>
> estimate that a better testing infrastructure would save more than a
>
> third of these costs, or about $22 billion a year. More recently, the links
>
> between economics and security have been studied by academic researchers.
>
> See [4] for more information about some of these efforts.
>
>
>
> While estimating the cost of insecure software may appear a daunting
>
> task, there has been a significant amount of work in this direction.
>
> For example, in June 2002, the US National Institute of Standards
>
> (NIST) published a survey on the cost of insecure software to the US
>
> economy due to inadequate software testing [3]. Interestingly, they
>
> estimate that a better testing infrastructure would save more than a
>
> third of these costs, or about $22 billion a year. More recently, the links
>
> between economics and security have been studied by academic researchers.
>
> See [4] for more information about some of these efforts.
>
>
>
> I know one has to repeat to make a point, but seems to me there is some
> duplication here?
>
>
>
> Regards
> Steve Hookings, SAP Code Analysis team.
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20141031/1e71a3a5/attachment.html>


More information about the Owasp-testing mailing list