[WASC-WAFEC] "Aspect" the Worst

Christian Heinrich christian.heinrich at cmlh.id.au
Sun Nov 18 06:26:32 EST 2012


On Thu, Nov 1, 2012 at 9:19 PM, Jeff Williams
<jeff.williams at aspectsecurity.com> wrote:
> Thanks for the laugh.  If OWASP can help promote WAFEC, then of course
> you're welcome.

What I am actually laughing at is Aspect Security attempting to
distance themselves from the OWASP Brand but still attempting to
exploit it at the same time e.g.
http://twitter.com/aspectsecurity/status/266633771326005250 (note that
OWASP is not referenced at all) and I see you removed the quote of how
Aspect profiteered from OWASP from

But lets not just take my word for it, rather that of former Aspect
Security employees such as

I myself did enjoy participating in how the OWASP Board manipulated
the selection Project Leader fo the "Aspect Security" Verification
Standard (ASVS) in pre-selecting "surprise" Aspect Security without
due process i.e.

Then we have Pravir complaining about how Aspect Security are
attempting to steal OpenSAMM i.e.
oh of course you told him but care to justify why Pravir would host
OpenSAMM independently of owasp.org at http://www.opensamm.org/

... and my personal favoriate has to be

Looks like I am not the only one who shares this view considering
Andrew, Pravir and Yiannis have all expressed interest influencing the
OWASP board position which would kind of indicate that there are
serious governance issues.

Christian Heinrich


More information about the wasc-wafec mailing list