[Owasp-topten] OWASP Top 10 2010 Cheat Sheet
dave.wichers at aspectsecurity.com
Tue Feb 9 07:54:45 EST 2010
I think 'some' of the cheat sheets are certainly too long, but they have
enough momentum that I don't want to derail their current approach. We
could certainly pull some of the tutorial or overly detailed material
out and put them in the Guide instead, but they might then be 'lost' in
the size of the guide.
I think we should find a new name for your document, which is very
useful, and make that available as well. Although something even shorter
than the Top 10's level of detail seems pretty tough to develop. It was
hard to do the Top 10 itself.
Maybe your doc should be called the Top 10 checklist, or something??
From: owasp-topten-bounces at lists.owasp.org
[mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Andrew van
Sent: Tuesday, February 09, 2010 7:44 AM
To: Mike Boberski
Cc: owasp-topten at lists.owasp.org
Subject: [Owasp-topten] OWASP Top 10 2010 Cheat Sheet
Hi Mike (and everyone),
I think some of the cheat sheets for the Top 10 2010 are far too long.
Most of the material in there repeats things that more properly belong
on the various Guide pages. To me, a cheat sheet is short and sweet -
the things you must do to avoid the issue permanently.
So I created this instead. It covers all Top 10 items in two pages.
Developers really need a single piece of paper they can have on their
desk, and this does it (as long as you double side it!) It assumes some
knowledge, but I'm happy to consider changes to make it work for ab
initio / journeyman developers as long as we can still squeeze into two
Let me know what you think. I'll make changes, and when you're happy,
I'll donate it all to OWASP.
Owasp-topten mailing list
Owasp-topten at lists.owasp.org
More information about the Owasp-topten