<div>Thats great.</div>
<div>Nice to see the guide getting around.<br><br>&nbsp;</div>
<div><span class="gmail_quote">On 23/01/07, <b class="gmail_sendername">Jeff Williams</b> &lt;<a href="mailto:jeff.williams@aspectsecurity.com">jeff.williams@aspectsecurity.com</a>&gt; wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div lang="EN-US" vlink="purple" link="blue">
<div>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Hi,</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Just wanted to let you know that the Department of Homeland Security (DHS) and others are actively looking at the Testing Guide.&nbsp; They asked me (last minute) to talk about it at one of their SwA working group meetings.
</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; Congratulations on version 2 of the OWASP Testing Guide!</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; It is an impressive and informative document that will</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; greatly benefit the software development community.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; Joe Jarzombek, the Deputy Director for Software Assurance</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; at DHS, as well as myself (as co-chair of the DHS Software Assurance</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; Technology, Tools and Product Evaluation Working Group)</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; are wondering if you would be interested in presenting the Testing</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; Guide at the upcoming DHS SwA workshop at CTC Incorporated ( in</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&gt; Annapolis Junction) on Monday January 22.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Here is the presentation I gave.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><a onclick="return top.js.OpenExtLink(window,event,this)" href="https://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip" target="_blank">
https://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip</a></span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">It talks briefly about the Testing Guide, and then goes on to discuss the broader issues related to HOW we build a body of knowledge about application security, the OWASP approach, and why the traditional approaches are doomed. &nbsp;I hope you like it.
</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Please forward me any feedback you have on the presentation, as I'm sure it's not the last time.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">--Jeff</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">&nbsp;</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Jeff Williams, Chair</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.owasp.org/" target="_blank">The OWASP Foundation</a></span></font>
</p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">&quot;Dedicated to finding and fighting the causes of insecure software&quot;</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">&nbsp;</span></font></p></div></div><br clear="all"></blockquote></div><br><br clear="all"><br>-- <br>Eoin Keary OWASP - Ireland<br><a href="http://www.owasp.org/local/ireland.html">
http://www.owasp.org/local/ireland.html</a><br><a href="http://www.owasp.org/index.php/OWASP_Testing_Project">http://www.owasp.org/index.php/OWASP_Testing_Project</a><br><a href="http://www.owasp.org/index.php/OWASP_Code_Review_Project">
http://www.owasp.org/index.php/OWASP_Code_Review_Project</a>