That's interesting - thanks for the update Rohit. I'm curious about one thing, though (and, first, allow me to don my flak jacket). I think integrating with a project like Django to simply *ahem* "build security in" is a great approach, but I hate to see the white paper lost. Why not also look at joining efforts with something like the Rugged Manifesto movement? fwiw.
On 3/11/11 1:14 PM, Rohit Sethi wrote: > Last year we released a project called the Secure Web Application > Framework Manifesto on OWASP. I'd like to announce that we're closing > it, in favor of simply working with Django itself. I'm hoping others > will adopt the same mentality for other popular open source frameworks > and libraries. > > Details here: > http://labs.securitycompass.com/index.php/2011/03/11/closing-the-secure-web-application-framework-manifesto-project/ > > Cheers, > > -- > Rohit Sethi > Security Compass > http://www.securitycompass.com > twitter: rksethi > > > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ -- Benjamin Tomhave, MS, CISSP tomh...@secureconsulting.net Blog: http://www.secureconsulting.net/ Twitter: http://twitter.com/falconsview LI: http://www.linkedin.com/in/btomhave [ Random Quote: ] "Perhaps in time the so-called Dark Ages will be thought of as including our own." Georg Christoph Lichtenberg _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
