On Wed, Feb 4, 2009 at 7:26 PM, Paco Hope wrote:
>
> Andy also said "I think we lose something when we start saying 'everything
> is
> relative.'" I think we lose something more important if we try to impose
> abolutes: we lose the connection to the business. No business operates on
> absolutes a
> For starters I believe you misinterpreted my comments on QA. I was in
> no way slamming their abilities. With this in mind comments below.
Sorry about that. I am sensitive to the bias. I went to a very small company
once (10 people total) and as I looked around I saw offices with big LCDs (I
ass
On Wed, Feb 4, 2009 at 11:17 AM, Paco Hope wrote:
> Before anyone talks about vulnerabilities to test for, we have to figure
> out what the business cares about and why. What could go wrong? Who cares?
> What would the impact be? Answers to those questions drive our testing
> strategy, and ultim
For starters I believe you misinterpreted my comments on QA. I was in no way
slamming
their abilities. With this in mind comments below.
> Before anyone talks about vulnerabilities to test for, we have to figure ou=
> t what the business cares about and why. What could go wrong? Who cares? Wh=
>
Hello SC-L
I just pushed OWASP Podcast #6 live at
http://www.owasp.org/index.php/Podcast_6 - an OWASP Roundtable with
Brian Holyfield, Marcin Wielgoszewski, Andre Gironda and myself, Jim
Manico. Our focus was WAF's.
Thanks and I hope you enjoy,
Jim Manico