[Owasp-board] SWAMP update

Fabio Cerullo fcerullo at owasp.org
Fri Mar 20 09:01:15 UTC 2015


Hi Patrick,

Those are great news.

We have indeed received your project submission. Please let us know once the source code is available on Github so we could set up your project in the wiki and announce it as an official OWASP project.

Any questions please let me know.

Thanks 
Fabio 

Sent from my iPhone

> On 17 Mar 2015, at 14:54, Beyer, Patrick <PBeyer at continuousassurance.org> wrote:
> 
> Hi Fabio,
> 
> 
> Sorry for the tardy response.
> 
> We are extremely close on the Open source release of the SWAMP code to GitHub.
> 
> One last hoop to jump through is generating a report of the Vulnerability analysis of the code for DHS.
> 
> Once the report is completed (Hopefully by the end of the week) we will be able to release the code.
> 
> But as always the SWAMP is open for business and can be used at anytime!
> 
> Is there any word on our project submission to OWASP?
> 
> Thanks
> 
> 
> Patrick Beyer, PhD PMP
> Project Manager
> Software Assurance Market Place
> O:(608) 316-4664
> C: (609) 509-5203
> www.continuousassurance.org
> 
> Pbeyer at continuousassurance.org
> Pbeyer at Morgridge.org
> pbeyer2 at wIsc.edu
> 
> 
> 
> From: Fabio Cerullo <fcerullo at owasp.org>
> Date: Mon, 2 Mar 2015 17:55:29 +0000
> To: "Beyer, Patrick" <PBeyer at continuousassurance.org>
> Cc: OWASP Board List <owasp-board at lists.owasp.org>, Kevin Greene <kevin.greene at hq.dhs.gov>
> Subject: Re: SWAMP update
> 
> Patrick
> 
> I hope you are keeping well.
> 
> Just wanted to catch up with you as there is some traction at OWASP to scan some of our projects codebase using the SWAMP.
> 
> Do you think the SWAMP is ready to be 'open-sourced' and adopted by OWASP?
> 
> Thanks
> Fabio
> 
> 
> 
>> On Fri, Oct 17, 2014 at 7:28 PM, Beyer, Patrick <PBeyer at continuousassurance.org> wrote:
>> We are just getting data on how long it will take us to sanitize our code and have it ready for release. 
>> Its about 40 hours of work right now and we just have to fit it into the Schedule..
>> 
>> I’m waiting on that to move forward on the Application..
>> 
>> Patrick D. Beyer, PhD, PMP
>> Software Assurance Marketplace (SWAMP)
>> Morgridge Institute for Research
>> O:(608) 316-4664
>> C: (608) 509-5203
>> Pbeyer at morgridgeinstitute.org
>> pbeyer2 at wisc.edu
>> 
>> 
>> From: Fabio Cerullo <fcerullo at owasp.org>
>> Date: Friday, October 17, 2014 at 12:25
>> To: Pat Beyer <pbeyer at continuousassurance.org>
>> Cc: OWASP Board List <owasp-board at lists.owasp.org>, Kevin Greene <kevin.greene at hq.dhs.gov>
>> Subject: Re: SWAMP update
>> 
>> Patrick
>> 
>> No problem at all and thanks for the update. 
>> 
>> I reviewed the functionality doc and it seems you have some busy months ahead of you. As part of the roadmap, it would be very useful if you could highlight when are you planning to open source the platform so it could be "adopted" as an OWASP project. If you have any questions regarding this process, please let us know. 
>> 
>> All the best,
>> 
>> Fabio
>> 
>>> On Friday, October 17, 2014, Beyer, Patrick <PBeyer at continuousassurance.org> wrote:
>>> Fabio et al,
>>> 
>>> Sorry for my Delayed response, things are getting crazy (In a good way)…
>>> 
>>> I want to give the board Good accurate information so it was taking me some time to verify.
>>> 
>>> Lets start with me sharing our Functionality by release document which shows what functionality we plan on within the next twelve months.
>>> 
>>> We just released version 1.11 on 16 Oct 2014..
>>> 
>>> I will be DILIGENTLY working on OSWAP / SWAMP Timeline for the boards review here in the next week or so.
>>> 
>>> Thanks for being Patient!
>>> 
>>> 
>>> Patrick D. Beyer, PhD, PMP
>>> Software Assurance Marketplace (SWAMP)
>>> Morgridge Institute for Research
>>> O:(608) 316-4664
>>> C: (608) 509-5203
>>> Pbeyer at morgridgeinstitute.org
>>> pbeyer2 at wisc.edu
>>> 
>>> 
>>> From: Fabio Cerullo <fcerullo at owasp.org>
>>> Date: Thursday, October 16, 2014 at 17:59
>>> Cc: Pat Beyer <pbeyer at continuousassurance.org>, OWASP Board List <owasp-board at lists.owasp.org>, Kevin Greene <kevin.greene at hq.dhs.gov>
>>> Subject: SWAMP update
>>> 
>>> Patrick
>>> 
>>> Hope you are keeping well.
>>> 
>>> I'm contacting you on behalf of the OWASP Board to see whether you had the chance to progress the roadmap discussed at Appsec USA last September.
>>> 
>>> We are looking forward to your response.
>>> 
>>> Thanks and regards
>>> 
>>> Fabio
>>> 
>>>> On Monday, September 22, 2014, Tom Brennan - OWASP <tomb at owasp.org> wrote:
>>>> Patrick,
>>>> 
>>>> You may also want to bookmark this:
>>>> 
>>>> 'STARTING A NEW OWASP PROJECT"
>>>> 
>>>> https://www.owasp.org/index.php/Category:OWASP_Project#tab=Starting_a_New_Project
>>>> 
>>>> This will help everyone using written guidance for new projects.
>>>> 
>>>> Tom Brennan
>>>> Global Vice Chairman
>>>> OWASP Foundation
>>>> 973-202-0122
>>>> tomb at owasp.org | www.owasp.org
>>>> 
>>>> On Sep 22, 2014, at 12:20 PM, Beyer, Patrick <PBeyer at continuousassurance.org> wrote:
>>>> 
>>>> > Absolutely,
>>>> >
>>>> > Give us a few days to work up a good road map based on our conversations last Thursday!
>>>> >
>>>> > We are really excited to build this relationship!!
>>>> >
>>>> > Pat
>>>> >
>>>> > Sent from my iPhone
>>>> >
>>>> > On Sep 21, 2014, at 20:00, "Eoin Keary" <eoin.keary at owasp.org> wrote:
>>>> >
>>>> >> I'd think a call to go through would be beneficial.
>>>> >>
>>>> >>
>>>> >> Eoin Keary
>>>> >> Owasp Global Board
>>>> >> +353 87 977 2988
>>>> >>
>>>> >>
>>>> >> On 21 Sep 2014, at 20:22, Tom Brennan - proactiveRISK <tomb at proactiverisk.com> wrote:
>>>> >>
>>>> >>> Your looking for updated in edition to:
>>>> >>> https://continuousassurance.org/technical-resources/project-roadmap/
>>>> >>>
>>>> >>> The SWAMP FAQ is useful and will be referenced
>>>> >>> https://continuousassurance.org/faqs/
>>>> >>>
>>>> >>>
>>>> >>>
>>>> >>> On Sep 21, 2014, at 5:54 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>> >>>
>>>> >>>> +1 Eoin.
>>>> >>>>
>>>> >>>> Patrick,
>>>> >>>>
>>>> >>>> I'm eager to find all of the various places where OWASP and SWAMP intersect! I think there is a lot we can do for each other in terms of helping the community achieve excellence in application security.
>>>> >>>>
>>>> >>>> Aloha,
>>>> >>>> Jim
>>>> >>>>
>>>> >>>>
>>>> >>>> On 9/21/14, 12:47 PM, Eoin Keary wrote:
>>>> >>>>> Hi Patrick,
>>>> >>>>> Good meeting this last week.
>>>> >>>>>
>>>> >>>>> Can we look at next steps assuming we can all agree the openness of SWAMP is understood.
>>>> >>>>> Items like the roadmap would be a good discussion point to kick off.
>>>> >>>>> Thanks,
>>>> >>>>> Eoin
>>>> >>>>>
>>>> >>>>>
>>>> >>>>> Eoin Keary
>>>> >>>>> Owasp Global Board
>>>> >>>>> +353 87 977 2988
>>>> >>>>>
>>>> >>>>> _______________________________________________
>>>> >>>>> Owasp-board mailing list
>>>> >>>>> Owasp-board at lists.owasp.org
>>>> >>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>> >>>>
>>>> >>>> _______________________________________________
>>>> >>>> Owasp-board mailing list
>>>> >>>> Owasp-board at lists.owasp.org
>>>> >>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>> 
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150320/49554b58/attachment.html>


More information about the Owasp-board mailing list