Talk:OWASP/Archive 1

merge OWASP Mantra Security Framework here
It has a great many issues and should be trimmed, but it does fall under this open source project and would make sense to mention it here. --Walter Görlitz (talk) 21:08, 28 August 2012 (UTC) ≠≠≠≠≠ — Preceding unsigned comment added by 86.55.176.96 (talk) 10:17, 16 March 2013 (UTC)
 * Comment As you have declined my PROD on this unreferenced promo/COI created topic, you might reasonably have had the impression that I would go straight for an AfD, where your merge preference could be voiced - here Articles for deletion/OWASP_Mantra_Security_Framework Widefox (talk) 15:00, 29 August 2012 (UTC)

Membership organisation?
Am I right in thinking OWASP seems to be a membership organisation rather than a project? Widefox (talk) 22:23, 29 August 2012 (UTC)

I suppose it depends on the definition of membership organization. OWASP is a community of people who have created and published the defacto standards in web application security. Originally, there were no fees associated with membership. And even today you can become a member by declaring yourself a member and participating in OWASP activities. However, there is now a voluntary option for those members choosing to support owasp through financial contributions if they choose to do so. This is different from the term 'membership' as it applies to most organizations. (talk) —Preceding undated comment added 17:56, 13 September 2012 (UTC)

Notability and COI
This article does not meet WP:GNG as there are no indi, 3rd P WP:RS. Editors with a conflict of interest please be read WP:COI so you know in which way to contribute, cheers. Widefox ; talk 14:45, 21 December 2012 (UTC)


 * This article is not in good shape, and that's largely because its just an WP:advert. Dennis has a detailed his COI (in the form of an advert) at User:DennisGroves, and User:Samantha Groves should do similar - please read WP:COI, WP:SPA Widefox ; talk 10:58, 18 June 2013 (UTC)

Other people authored the article about OWASP and I discovered it later. The only edit I made was to correct the incorrect attribution that OWASP was founded by people who were not involved. It was started by Mark Curphey and Myself. Neither of us are paid by OWASP, nor are we involved in the operations, so I do not see how this is a conflict of interest. However, if somebody claims to have written a paper by another author - that is plagiarism, in this case the plagiarism is a article on wikipedia - credit where credit is due.

DennisGroves (talk) —Preceding undated comment added 15:38, 18 June 2013 (UTC)


 * I replied here User talk:DennisGroves. Widefox ; talk 17:35, 18 June 2013 (UTC)
 * I think that the subject is pretty clearly notable; a few sources were found in the AfD, and at least some of the sources provided in the section below are helpful. It's just a matter of the hard work of getting it into the article. Qwyrxian (talk) 22:01, 18 June 2013 (UTC)
 * Agree, I've already removed the notability tag. Widefox ; talk 08:48, 19 June 2013 (UTC)

Here are a few articles to consider. Happy to add these to the main doc, but I want to first understand what is most helpful. MichaelCoates (talk) 23:22, 18 February 2014 (UTC)
 * http://www.cambridgenetwork.co.uk/news/owasp-appsec-europe-2014-call-for-presentations/
 * http://www.computerworld.com/s/article/9190678/Why_gov_t_security_pros_must_attend_OWASP_AppSec_DC
 * http://blogs.computerworld.com/application-security/21621/embrace-comprehensive-security-not-just-top-10
 * http://www.zdnet.com/nullcrew-fts-hacks-comcast-servers-post-exploit-and-passwords-7000026020/
 * http://www.zdnet.com/hackers-access-800000-orange-customers-data-7000025880/
 * http://www.channelpro.co.uk/opinion/8254/web-security-protect-your-assets-protect-your-business

Wikipedia editors
I would like it if the OWASP page was able to meet your standards. As you can see the below the work of OWASP is widely cited by third parties around the world (this table is old, and doesn't include all of the academic citations). OWASP is currently home to over 159 active security projects. OWASP is not a business, it is a community of 36,000 people in 193 countries working toward a common goal. What needs to be done and by whom? DennisGroves (talk)

Project Requirements
International, national governmental and other significant specification, invitation to tender (ITT) and request for proposal (RFP) documents.

Convenience break to comment on above sources
I do believe that some of those above can be included in the article. The product info probably doesn't meet WP:RS or WP:DUE, but a selection of the government documents should be good. We wouldn't even need to write a lot about them; something as simple as "OWASP is regularly cited by national regulations and other governmental studies for their work in computer security" and then append two or three. Which would be best? Qwyrxian (talk) 22:00, 18 June 2013 (UTC)

External links modified
Hello fellow Wikipedians,

I have just added archive links to 1 one external link on OWASP. Please take a moment to review my edit. If necessary, add after the link to keep me from modifying it. Alternatively, you can add to keep me off the page altogether. I made the following changes:
 * Added archive https://web.archive.org/20140820004509/http://awards.scmagazine.com:80/Winners2014 to http://awards.scmagazine.com/Winners2014

When you have finished reviewing my changes, please set the checked parameter below to true to let others know.

Cheers.—cyberbot II  Talk to my owner :Online 08:27, 28 November 2015 (UTC)

Proposed merge with OWASP ZAP
borderline N for both - best together at parent Widefox ; talk 09:39, 28 November 2015 (UTC)