Reshape OWASP Mobile Security Wiki

[Jeroen Willemsen]

Hi all,
the current OWASP Mobile Project wiki ( https://www.owasp.org/index.php/OWASP_Mobile_Security_Project ) contains quite some outdated project-pages and pages with hardly any metadata on versioning/age, etc. This is why I will clean it up today and more more older pages to the archive. If you have an active OWASP mobile security related project. Please let me know, so i can add links to your project as well.

With kind regards,
Jeroen Willemsen

[Jeroen Willemsen]

Hi all,

Another small update on this subject: I have cleared up the project-page https://www.owasp.org/index.php/OWASP_Mobile_Security_Project and want to move ahead with cleaning up the remaining tabs, but for these i wonder: who is in charge of:

- https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Secure_M-Development

- https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Controls

as we want to clean this up/update it to a better shape and/or migrate some of it towards the MASVS/MSTG. 

Given the beauty of https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project  I wonder: what is the current status of that project? 

With kind regards,

Jeroen 

[Elie Saad]

Hi Jeroen :)

It seems like the 2 most probable ones to talk to are Jim Manico and Milan Singh Thakur.
Jim can be reached through Twitter: https://twitter.com/manicode
Milan can be reached through LinkedIn: https://www.linkedin.com/in/milansinghthakur/

I am pretty sure Jim will reply, and if you want I can hit him up. I have no prior experience with Milan, so I don't know what's his activity like.

Best Regards,
Elie Saad

[Jim Manico]

Whats up how can I help?

--
Jim Manico
@Manicode
(808) 652-3805

> --
> You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/d6c10f09-0f2c-4ef3-889e-ca7f3ae3b972%40owasp.org.

[Elie Saad]

Hi Jim! Might you know who is in charge of the following mobile projects:

- https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Secure_M-Development
- https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Controls

- https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project

Jeroen and the team are looking to clean up the Mobile Security Project.

[Jim Manico]

I dont know. Just remove then for now and list them in an “archive” section for now is my suggestion. Is that cool?

--
Jim Manico
@Manicode
(808) 652-3805

> --
> You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.

> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/a28d87e4-3115-4dd2-92fd-3bef2ff75997%40owasp.org.

[Jeroen Willemsen]

Hi all,

Sounds like a plan! We will start that in a later stage, for now we have the following announcement:

we want to reshape https://www.owasp.org/index.php/OWASP_Mobile_Security_Project into a general overview of all the mobile security related projects even further, by giving the OWASP top 10 a new home: https://www.owasp.org/index.php/OWASP_Mobile_Top_10 . Then we will remove the "project-related" overhead a bit as well.

If anybody objects: feel free to email back and/or slack me on OWASP slack.

With warm regards,

Jeroen

On Wednesday, July 17, 2019 at 5:18:37 PM UTC+2, Jim Manico wrote:

I dont know. Just remove then for now and list them in an “archive” section for now is my suggestion. Is that cool?

--
Jim Manico
@Manicode
(808) 652-3805

> On Jul 16, 2019, at 9:23 PM, Elie Saad <> wrote:
>
> Hi Jim! Might you know who is in charge of the following mobile projects:
> - https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Secure_M-Development
> - https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_10_Mobile_Controls
> - https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=M-Threat_Model_Project
>
> Jeroen and the team are looking to clean up the Mobile Security Project.
>
> --
> You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to <>

[Elie Saad]

I agree to the requested amendment.
One thing first though. A cleanup is a must. Having too many URLs with almost similar names is not fun for new-comers. Some examples:
https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks
https://www.owasp.org/index.php/Mobile_Top_10_2016-Top_10

There is the old mobile security project as well:
https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project

Let me know how you'd like to have the Mobile top 10 in order to assist in preparing the template.

I believe Threat Modeling can be integrated as another project as well, where it can contain how to threat model from a big picture, then have a more robust and technical explanation, and with some references to slides, videos, courses.

[Jeroen Willemsen]

Great! Regarding the too many urls, I was wondering: Harold can you help us out with this by cleaning up some of the older project materials? 

For the Mobile Top 10: I hoped to end up with a similar project page as we have for the MSTG: so with the logo, the lab-level-banner, etc, main content on the left, leaders/presentations/mailinglist on the right & an achknowledgement tab. Let's start on monday if there is no objection filed by then ;-).

Regarding the threatmodelling: I know we had quiet some concersations on OSS19 regarding picking it up again, so I hope that people will pick up the mobile threat modelling again... as i do believe that the mobile part of the threatlandscape looks quiet different from using a laptop+browser :). So cleaning it up later, could be a valid alternative to me as well.

With kind regards,

Jeroen Willemsen

[Jim Manico]

Jeroen,

You’re being very smart about this. I say just charge and make it happen! :)

--

Jim Manico

@Manicode

(808) 652-3805

--

You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/bfe0bd4f-c357-4973-b46d-df41f48d5a43%40owasp.org.

[Jeroen Willemsen]

Hi Jim,

thanks!

I have updated the mobile top 10 project page to: https://www.owasp.org/index.php/OWASP_Mobile_Top_10

I have updated the mobile security project page to: https://www.owasp.org/index.php/OWASP_Mobile_Security_Project

Feel free to further update it if necessary ;-).

With kind regards,

Jeroen 

Jeroen,

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-10-risks+unsub...@owasp.org.

[Scott King]

Jeroen,

Are you finished deleting links? Im linking to this https://www.owasp.org/index.php/OWASP_Mobile_Top_10 in a blog for next week and I don't want a dead link.

Thank for your contributions!

Regards,

Scott

Scott King  |  +1 (214) 316-0746  |  On LinkedIn  |  #MobileSecurity

Jeroen,

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.

To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/bfe0bd4f-c357-4973-b46d-df41f48d5a43%40owasp.org.

--

You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/c24aed1e-4269-4fa1-8fb6-4ccef1013fe5%40owasp.org.

[Jeroen Willemsen]

Hi Scott,

this is indeed the stable link / new link for the mobile top 10 project. So that will not be deleted: you're blog is safe for a loooooong time! 

Note, the old (https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks) link is not dead either, it just redirects to the new one. Next: any missing links of old tabs at the Mobile Security page will not be dead either: they will navigate you to the home of the project, with links to active projects and archived pages.

With kind regards,

Jeroen 

Jeroen,

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-10-risks+unsub...@owasp.org.

To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/bfe0bd4f-c357-4973-b46d-df41f48d5a43%40owasp.org.

--
You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-10-risks+unsub...@owasp.org.

[Jim Manico]

It all looks SO CLEAN! Thank you!

- Jim

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/c24aed1e-4269-4fa1-8fb6-4ccef1013fe5%40owasp.org.

-- 
Jim Manico
Manicode Security
https://www.manicode.com

[Jeroen Willemsen]

Thanks Jim!

And thank you Elie & Sven for helping me out to accelerate this!

With kind regards/met vriendelijke groet,
Jeroen Willemsen
Projectleader MSTG, Check it out at https://github.com/OWASP/owasp-mstg
Sent from a mobile device with autocomplete

Op zo 28 jul. 2019 22:42 schreef Jim Manico <j...@manicode.com>:

Jeroen,

To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/bfe0bd4f-c357-4973-b46d-df41f48d5a43%40owasp.org.

--
You received this message because you are subscribed to the Google Groups "OWASP Mobile Top 10 Risks" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-mobile-top-1...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/c24aed1e-4269-4fa1-8fb6-4ccef1013fe5%40owasp.org.

[Milan Singh Thakur]

 Good work Jeroen...

Cheers..!!

To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/owasp-mobile-top-10-risks/CA%2Bq0Zvq7cpUPooxtrQ0fC_g3DoAbLXDafGr9rrC31L_EDj9y-Q%40mail.gmail.com.