In addition to running CGISecurity I also participate heavily in The Web Application Security Consortium and its projects. I sent the following email to The Web Security Mailing List seeking participants for v2 of the WASC Threat Classification document.
"I'm sending this email to the list seeking people to contribute towards The Threat Classification
Version 2.0. The first version of this documented is located at http://www.webappsec.org/projects/threat/ and has been translated into several languages. Version 2 focuses on addressing new vulnerabilities
discovered since the first version was released, as well as to provide updates to the existing sections.
About the Threat Classification
"The Threat Classification is an effort to classify the threats that can lead to the compromise of a website, its data, or its users."
At this stage 90+% of the core content is drafted and we're seeking people to provide feedback on the
remaining sections. This would involve reading a section and providing comments to a mailing list with
things you think could be improved. Those contributing towards this project will be fully credited in the final document which we hope to have released around the end/beginning of the year. "
If you're interested please contact me or post a comment to this news story..