Comments on: I Repeat Myself When Under Stress, I Repeat Myself When Under Stress http://www.cigital.com/justice-league-blog/2010/02/17/i-repeat-myself-when-under-stress-i-repeat-myself-when-under-stress/ Wed, 30 Nov 2011 15:50:04 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: gem http://www.cigital.com/justice-league-blog/2010/02/17/i-repeat-myself-when-under-stress-i-repeat-myself-when-under-stress/#comment-180 gem Fri, 30 Apr 2010 13:12:30 +0000 http://www.cigital.com/justiceleague/?p=320#comment-180 Not to be outdone, the OWASP guys updated their top ten list as well. Once again, the target of these lists seems to be "the reporters who cover software security" more than anyone else. My major beef with the OWASP Top 10 is that I can see no sane way to calculate "worldwide risk." Is it some kind of average of "actual business risk" over all enterprises on earth? My view is covered here: http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1510785_mem1,00.html Oh well, maybe these crazy ideas will go out of vogue one day. gem Not to be outdone, the OWASP guys updated their top ten list as well. Once again, the target of these lists seems to be “the reporters who cover software security” more than anyone else. My major beef with the OWASP Top 10 is that I can see no sane way to calculate “worldwide risk.” Is it some kind of average of “actual business risk” over all enterprises on earth?

My view is covered here:
http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1510785_mem1,00.html

Oh well, maybe these crazy ideas will go out of vogue one day.

gem

]]>