The OWASP testing guide version 3 has been officially released.
This project is part of the OWASP 2008 Summer of Code that started on April 2008. The guide resulted in a 349 page book and is the contribution of a team of 21 authors, 4 reviewers and 6 months of hard and great team work.
You Can Download the Guide Now Here:
I contributed to the guide vs 2 by writing section 5.1: How To Value Real Risk authored the introduction part of the version 3, security requirement test derivation (pages 24-39).
I welcome any comments that can help improving the guide by asking you to join the mailing list herein:
If you are interested, presentations can be arranged too by inqurying OWASP.
Some presentation material is also available herein: