Hacker News new | past | comments | ask | show | jobs | submit login

I agree with you, and further would say that this has been the case with OWASP for at least a decade.

My take about OWASP on HN has generally been: they're effective at producing communication tools that raise the salience of application security, especially within large companies. And that's about it.

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...




I think that is how I view them. In particular, I am always surprised when people don't know of them, but I also don't advocate for them too heavily.

Do you have any similar group that you do recommend?


It's not at all the same thing but I try to keep up with whatever PortSwigger is writing on their site, and it's usually pretty high-value.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: