[Owasp-topten] To those complaining about the OWASP top ten changes
robert at webappsec.org
Tue Apr 25 17:54:45 UTC 2017
There's been a lot of complaining about the owasp top ten. I usually don't
interject myself, however I've been in a similar situation.
Before posting about your gripes
1. Remember that classification is hard. If you have a better system
to use, propose it.
2. If you don't have constructive feedback piss off. These people are
volunteering their time to make things better for the industry. Most
(possily all?) aren't getting paid.
3. If you see a conflict of interest, please do call it out. Just be sure
- Robert A.
WASC Co Founder/Threat Classification Project Lead
More information about the Owasp-topten