Monday, July 22, 2013

Message from Andrew Muller: OWASP Testing Guide Project Co-Leader


Hello OWASP Leaders,

Its no secret that many of our projects are not progressing as well as we'd like. One of these is the Testing Guide. The Testing Guide is one of the most visible OWASP products and used by testers all over the world. So Mat and I are giving a three fingered salute to the Testing Guide and getting it back on track. We've cataloged all of the articles that require writing, how much effort is required and started a list of contributors to each of these articles (https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AmEhPtZ0cHq3dDc5ZFI0Nm9oSkhzNkNxTzNJbGdPdVE#gid=0 drop us a line if you'd like to read it). 

Many of the main tasks required for release are now complete, so now we're focused on a sprint to release. For this we need your help. We're asking OWASP leaders to help us find and revive contributors with the time, expertise and [most importantly] commitment to complete the writing of Testing Guide articles. We'll be conducting a set of sprints to get the revision wrapped up and released by the end of 2013.
One of the key tasks we're seeking to achieve is alignment between the Testing Guide and other OWASP products, chiefly the Dev Guide. Finding vulnerabilities is only the halfway point to fixing them. Again, we've cataloged the Test Guide test cases and aligned them with their equivalents in the Dev and Code Review Guides. The list is incomplete, but we're making progress (https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0ArkIkLbjWyP6dGhsNkdGLXhKanZqcklmWG41blZ3WWc#gid=0 again, let us know if you want to read it). 

So if you've worked on the Dev or Code Review Guide, we could also use your help. Sam G will be helping us wrangle the contributors (including Mat and myself) so if you hear from her, please don't ignore her. Even two words in an email will let everyone know how you're progressing.
Thanks for your help.regards,
 
Andrew Muller
Testing Guide Project co-leader
Canberra, Australia chapter leader

No comments: