[Owasp-topten] Who Are the Initial Six Sampled?

Dave Wichers dave.wichers at owasp.org
Fri May 31 18:14:52 UTC 2013

At the time of the release candidate, only Veracode and WhiteHat had made
their data public.

The only one who hasn't made data public is Aspect, as I've said before, and
we are working on it. We haven't pushed hard to get our data public given
the delays to get the Top 10 out the door due to all of these discussions
but we will make it public before the release.


-----Original Message-----
From: Christian Heinrich [mailto:christian.heinrich at cmlh.id.au] 
Sent: Thursday, May 30, 2013 11:20 PM
To: Dave Wichers
Cc: OWASP TopTen
Subject: Re: [Owasp-topten] Who Are the Initial Six Sampled?


Can you please indicate what are the private datasets that were released to
Aspect Security under NDA?

Also, is there a reason as to why the release date of the private datasets
has slipped since the OWASP Top Ten 2013 Release was forecasted for at the
latest to be today (31 May) i.e.
http://lists.owasp.org/pipermail/owasp-topten/2013-May/001004.html ?

On Thu, May 30, 2013 at 11:52 PM, Dave Wichers <dave.wichers at owasp.org>
> The Top 10 project already had all the data before the data was made
> They just sent it to the project privately and we analyzed all 6 
> vendors data. After the release candidate was published, someone asked 
> to make all the data public which is a good idea and so I've gotten 
> all the vendors to make their data public (Aspect will publish our 
> data too, we just haven't gotten around to it yet)/ But rest assured 
> we do have the data, and did when we used it to help produce the Top 
> 10, and we will make it public before the final release comes out.

Christian Heinrich


More information about the Owasp-topten mailing list