This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

User talk:Jmanico

Revision as of 09:13, 29 June 2016 by Jmanico (talk | contribs) (You deleted HTTP Response Splitting)

Jump to: navigation, search

Jim's Suggestions for 2015 Strategic Plans

Build a scalable OWASP training program that spreads security training around the world

  • Focus on building free and open source training materials for all to use
  • Take existing wiki, powerpoint from talks, powerpoints from trainers who have open sourced content, key OWASP training-centric projects (webgoat, security Shepard, etc) and merge, clean up and professionalize the content into an OWASP branded series of trainings.
  • Produce professional OWASP branded training videos and CBT
  • Focus conference training program on using open source as opposed to proprietary/commercial content
  • As a commercial ILT trainer I have a big conflict of interest over this topic

Strengthen OWASP chapters and increase Chapter’s abilities to spread message of OWASP through locally organized and run events.

  • Even something as simple as a chapter meeting is an "event" so anything to help make even chapter meetings better serves this goal
  • Better plan to help chapters use funds
  • Alert all chapters of existing chapter funds, on a monthly basis, on their public lists. Link to "How to use it to spread the message"
  • Help pollenate cross-chapter meetings (Jerry Hoff)

Mature the OWASP Projects Platform: Provide the OWASP projects community a mature project platform to encourage senior developers to participate in the various and many OWASP projects.

  • Consider hiring senior developer/developers to mature code centric OWASP programs like ESAPI, OWASP Java Encoder, etc.
  • Consider funding security initiatives reviewing various open source projects and software frameworks in common use
  • Connect leads of popular open source frameworks to OWASP community members willing to provide free appsec services, products, etc.
  • Build a new website that is developer centric, pointing to key developers/secure coding projects and materials and other resources

You deleted HTTP Response Splitting

Hi Jim, why did you delete the HTTP Response Splitting page? There is no descriptive information in the "move log". Douglasheld (talk) 04:06, 29 June 2016 (CDT) Douglas, I'm deleting several old projects, I revived the HTTP Response Splitting page and removed some of the legacy junk.