[GPC] New Project: OWASP Software Security Process

Paulo Coimbra pcoimbra at owasp.org
Thu Mar 3 16:59:23 EST 2011


Christian,

The Project lead is being carbon copied. So is the GPC. Do you also
have any idea to share about the posed question?

Thanks,

Paulo

On 3 de Mar de 2011, at 21:39, Christian Heinrich
<christian.heinrich at owasp.org> wrote:

> Paulo,
>
> Would it be possible to clarify the touchpoints with OpenSAMM and the
> OWASP Testing Guide (i.e. OWASP Risk Rating Methodology) in relation
> to this new project?
>
> On Thu, Mar 3, 2011 at 7:00 AM, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:
>> Hello Matteo,
>>
>>
>>
>> Hope you are well. It was a pleasure meeting you the Summit.
>>
>>
>>
>> As for your request, first of all, I thank you for volunteering to lead an
>> OWASP Project.  It is with volunteers like yourselves that OWASP continues
>> to succeed in making application security visible.
>>
>>
>>
>> Secondly, here
>> http://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process#tab=Project_Details
>> is the project’s wiki page which has been placed amongst all the other OWASP
>> Projects http://www.owasp.org/index.php/Category:OWASP_Project#tab=Alpha_Status_Projects.
>>
>>
>>
>> Please check it out and let me know if you find any problems or mistakes and
>> feel obviously free to add any additional information to the project’s wiki
>> page or to request assistance regarding its edition.
>>
>>
>>
>> Thirdly, later on, when your project reaches a point that you'd like OWASP
>> to assist in its promotion, we will need the following to help spread the
>> word about it:
>>
>> - Project Flyer/Pamphlet (PDF file):
>> http://globalprojectscommittee.wordpress.com/2009/07/21/what-is-this-project-flyerpamphlet-thing/.
>>
>>
>>
>>  - Conference style presentation describing the project in at least 3 slides
>> -
>> http://globalprojectscommittee.wordpress.com/2009/07/27/what-is-the-3x-slide-presentation-thing/
>>
>>
>>
>> Fourthly, as work on your project progresses and you are ready to create a
>> new release, please let the Global Projects Committee (GPC) know of the
>> change in status so that we can create the needed template to support it.
>>
>>
>>
>> The GPC can work with you to get your project assessed and moved up the
>> OWASP quality ladder from Alpha to Beta to Stable.  Not every release
>> requires an assessment - feel free to email the GPC if you are unsure about
>> your project's requirements.
>>
>>
>>
>> http://www.owasp.org/index.php/Assessment_Criteria_v2.0
>>
>>
>>
>> That is all for now - I wish you and your project great success.  Thank you
>> for supporting OWASP's mission.
>>
>> Should you have any questions or require any further information, please do
>> not hesitate to contact me.
>>
>>
>>
>> Many thanks, best regards,
>>
>>
>>
>> Thanks,
>>
>> - Paulo
>>
>>
>>
>> Paulo Coimbra,
>>
>> OWASP Project Manager
>>
>>
>>
>> From: Mateo Martinez [mailto:mateo.martinez at owasp.org]
>> Sent: quarta-feira, 9 de Fevereiro de 2011 16:12
>> To: Paulo Coimbra
>> Subject: New Project: OWASP Software Security Process
>>
>>
>>
>> Dear Paulo,
>>
>> I want to start the following project in order to define a process for
>> Software Security:
>>
>> 1. Project Name: OWASP Software Security Assurance Process
>>
>> 2.  Project purpose / overview: To outlines mandatory and recommended
>> processes and practices to manage risks associated with applications.
>> Software Security is equally dependent on people, processes and technology.
>> The effectiveness of the OWASP Software Security Process is continuously
>> measured and is improved through feedback, threat landscape changes,
>> availability of new concepts and tools. Should be the framework to map
>> Requirements, Dev and Testing guidelines for example.
>>
>> 3.  Project Roadmap: Define OWASP Software Security Process -->Integrate all
>> OWASP Guidelines in it --> Review  --> Present to OWASP --> Discuss -->
>> Release
>>
>> 4.  Project links (if any) to external sites,
>>
>> 5.  Project License: Creative Commons Attribution ShareAlike 3.0 license
>>
>> 6.  Project Leader name: Mateo Martínez
>>
>> 7.  Project Leader email address: mateo.martinez at owasp.org
>>
>> 8.  Project Leader wiki account - the username (you'll need this to edit the
>> wiki): Mateo Martínez
>>
>> 9.  Project Contributor(s) (if any) - name email and wiki account (if any)
>>
>> 10.Project Main Links (if any).
>>
>> Please let me know if anything else is required to could start the project.
>>
>> Thank you.
>> Warm regards,
>>
>> Mateo
>>
>> _______________________________________________
>> Global-projects-committee mailing list
>> Global-projects-committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>>
>>
>
>
>
> --
> Regards,
> Christian Heinrich
> http://www.owasp.org/index.php/user:cmlh


More information about the Global-projects-committee mailing list