WebApp Sec mailing list archives

Re: Administrivia: Webappsec Vendor Directory

From: bugtraq () cgisecurity net
Date: Wed, 9 Apr 2008 23:55:47 -0400 (EDT)

Full disclosure I don't work for a security vendor anymore, nor for a security services 
company and my comments are mine alone.

* Ask OWASP and WASC to re-publish the same list as a business
directory on their respective web sites, but most likely that will not
happen as OWASP is about vendor neutrality, and WASC is made up of
many of the vendors mentioned so far.

I won't speak on OWASP's stance as I'm not as informed as you are about theirs, however regarding
your wasc comments I'm going to have to respond to *clarify* your comments about the group since
I've been asked in response to your email.

WASC is very neutral and is made up of vendors, enterprise people, government, developers, security
managers, QA, pen testers and other associated security persons. WASC is run by people of all these
backgrounds and no one company/person has more of a right to change group direction or agenda. This was
an issue many of us had which is why this was specified in our charter (on our website) upon WASC's
creation years ago.

WASC knows that many vendors have employee's who are the leading experts in their field and wants to
work with all *qualified* parties regardless of who they work for while ensuring material published
is neutral and agendaless. Some wasc material may link to vendor materials as we don't discriminate
against valid material/resources simply because of the person or group that authored it.

Regards,
- Robert
http://www.webappsec.org/
http://www.webappsec.org/aboutus.shtml

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be
considered a crucial phase in the development of any web application. What methodology should be followed? What tools
can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------

Current thread:

Re: Top webappsec testing vendors? WebAppSec Mailbox (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)
  - Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
    - Re: Administrivia: Webappsec Vendor Directory bugtraq (Apr 10)
- <Possible follow-ups>
- Re: Top webappsec testing vendors? Bill Stout (Apr 09)