[Owasp-topten] 2010 RC1 - Sources of Stats
Christian Heinrich
christian.heinrich at owasp.org
Sun Dec 27 21:39:47 EST 2009
Jeff,
In relation to the the sources of statistics sampled for the OWASP Top
Ten 2010 RC1:
I have been unable to locate the statistics provided by either Aspect
Security or Softtek - are they publicly available and if not (publicly
available) should they be considered in addition to statistics that
are published publicly considering the "Open" in OWASP?
For the MITRE statistics, is the CWE Vulnerability Type Distributions
the sample i.e. http://cwe.mitre.org/documents/vuln-trends/index.html)
or do different statistics constitute their sample
Are statistics from BUGTRAQ still sampled (i.e. there is no mention in
the RC) as it was sampled for prior releases of the OWASP Top Ten?
--
Regards,
Christian Heinrich - http://sn.im/cmlh_linkedin_profile
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
Speaking Schedule at http://sn.im/cmlh_speaking_schedule
More information about the Owasp-topten
mailing list