<div>Thats great.</div>
<div>Nice to see the guide getting around.<br><br> </div>
<div><span class="gmail_quote">On 23/01/07, <b class="gmail_sendername">Jeff Williams</b> <<a href="mailto:jeff.williams@aspectsecurity.com">jeff.williams@aspectsecurity.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div lang="EN-US" vlink="purple" link="blue">
<div>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Hi,</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Just wanted to let you know that the Department of Homeland Security (DHS) and others are actively looking at the Testing Guide. They asked me (last minute) to talk about it at one of their SwA working group meetings.
</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> Congratulations on version 2 of the OWASP Testing Guide!</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> It is an impressive and informative document that will</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> greatly benefit the software development community.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> Joe Jarzombek, the Deputy Director for Software Assurance</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> at DHS, as well as myself (as co-chair of the DHS Software Assurance</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> Technology, Tools and Product Evaluation Working Group)</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> are wondering if you would be interested in presenting the Testing</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> Guide at the upcoming DHS SwA workshop at CTC Incorporated ( in</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">> Annapolis Junction) on Monday January 22.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Here is the presentation I gave.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><a onclick="return top.js.OpenExtLink(window,event,this)" href="https://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip" target="_blank">
https://www.owasp.org/index.php/Image:OWASP_Testing_Guide_Presentation.zip</a></span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">It talks briefly about the Testing Guide, and then goes on to discuss the broader issues related to HOW we build a body of knowledge about application security, the OWASP approach, and why the traditional approaches are doomed. I hope you like it.
</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Please forward me any feedback you have on the presentation, as I'm sure it's not the last time.</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">--Jeff</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Jeff Williams, Chair</span></font></p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.owasp.org/" target="_blank">The OWASP Foundation</a></span></font>
</p>
<p><font face="Arial" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">"Dedicated to finding and fighting the causes of insecure software"</span></font></p>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div></div><br clear="all"></blockquote></div><br><br clear="all"><br>-- <br>Eoin Keary OWASP - Ireland<br><a href="http://www.owasp.org/local/ireland.html">
http://www.owasp.org/local/ireland.html</a><br><a href="http://www.owasp.org/index.php/OWASP_Testing_Project">http://www.owasp.org/index.php/OWASP_Testing_Project</a><br><a href="http://www.owasp.org/index.php/OWASP_Code_Review_Project">
http://www.owasp.org/index.php/OWASP_Code_Review_Project</a>