Hi Allison I see that you seem to be rather active on the owasp site I was wondering if you could answer the following question.
I was recently reviewing the version 2 testing guide http://www.owasp.org/index.php/Image:OWASP_Testing_Guide_v2_doc.zip, I was wondering if this is meant to compliment the older version 1 checklists/docs or replace them?
Looking at the reporting table in v2 (pgs 258 to 261) for example, does "OWASP-AT-001 : Default or guessable account" replace the older "OWASP-AUTHN-004 : Default Accounts"?
I'm guessing that v2 replaces the older stuff since there seems to be a lot of overlap, but I wanted to confirm since v2 does not seem to cover absolutely everything that v1 did. The http://www.owasp.org/index.php/OWASP_Testing_Project does not make this clear at all.
I tried emailing Matteo Meucci (matteo <dot> meucci <at> owasp <dot> org) but did not get a reply.
I'm also curious about the status of v3.
Thanks! Kingthorin 08:26, 4 March 2008 (EST)