[Owasp-topten] Extension to Comment Period for 2010 RC1?

Ralph Durkee rd at rd1.net
Wed Dec 16 18:48:53 EST 2009


Are there any of the discussions so far that will result in changes?  
Maybe a summary would help.

-- Ralph Durkee

On Dec 16, 2009, at 1:01 PM, "Dave Wichers" <dave.wichers at aspectsecurity.com 
 > wrote:

> I'm not thinking there is anything deliberate going on one way or the
> other. We just noticed you were planning an update and so avoiding a
> timing conflict seemed prudent for us, that's all.
>
> -Dave
>
> -----Original Message-----
> From: owasp-topten-bounces at lists.owasp.org
> [mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Steven M.
> Christey
> Sent: Wednesday, December 16, 2009 12:53 PM
> To: Christian Heinrich
> Cc: OWASP-TopTen at lists.owasp.org
> Subject: Re: [Owasp-topten] Extension to Comment Period for 2010 RC1?
>
>
> On Wed, 16 Dec 2009, Christian Heinrich wrote:
>
>> I would prefer that OWASP didn't venture down the path of competing
> for
>> media attention with SANS due our reputation within the greater  
>> appsec
>
>> community but if you consider the SANS Top 25 is a risk to the OWASP
> Top
>> Ten then it would be advantageous to publish the final at the next
> OWASP
>> Conference in 2010 as this would allow for a comparison with SANS Top
>> 25.
>
> I'm the technical lead for the Top 25 and don't want these efforts to
> appear competitive in any fashion.  I doubt we will get the attention
> that
> we got last year, but you never know.  We included a FAQ question last
> year, but that requires people to actually read it...
>
> http://cwe.mitre.org/top25/faq.html
>
> I'll bring up the issue to the Top 25 community.
>
>> Obviously, SANS could include the entries of the RC in their Top 25  
>> as
>
>> the RC has already been published.
>
> I think this is a good idea and will pursue it as an appendix.
>
> - Steve
> _______________________________________________
> Owasp-topten mailing list
> Owasp-topten at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-topten
> _______________________________________________
> Owasp-topten mailing list
> Owasp-topten at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-topten


More information about the Owasp-topten mailing list