[Owasp-topten] RFC: Common numbering proposal # 3

Mike Boberski mike.boberski at gmail.com
Tue Jan 12 08:22:02 EST 2010


You got it, stay tuned

On 1/12/10, Bil Corry <bil at corry.biz> wrote:
> Boberski, Michael [USA] wrote on 1/11/2010 6:14 AM:
>> Please see http://www.owasp.org/index.php/Common_OWASP_Numbering for a
>> next proposal, refined based on inputs provided so far.
>
> An exercise we did with the Threat Classification numbering system was to
> actually use the the various proposed numbering systems in a sample document
> and see what they looked like when used.  It didn't take long to see that a
> simple numbering system worked best:
>
> 	http://projects.webappsec.org/Threat-Classification-Reference-Grid
>
> So my suggestion would be to find some sample documents where the numbers
> would be used, and try plugging in a few variations and see how they
> read/look.
>
>
> - Bil
>
> _______________________________________________
> Owasp-topten mailing list
> Owasp-topten at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-topten
>


-- 
Mike


More information about the Owasp-topten mailing list