[OCC] OWASP and governments

Robert Hansen robert at sectheory.com
Wed Aug 11 14:13:09 EDT 2010

	Hey, Lucas - not to speak for OWASP as a whole, but we have spent quite a bit of time talking about Brazil in particular.  Most importantl, like Dinis said, Brazilian government had a very strong showing and we'd like to leverage that interest into better action on behalf of OWASP.  To be blunt and honest, we don't have a formal best practice built for dealing with governments, but I'd like to think that Brazil could be our foray into exactly that.

	A few ideas that we talked about were working with your government to define a set of best practices around quality assurance (including OWASP training for professional QA testers), and defining laws around how to build and test secure applications.  We could also use support for building better tools, methodologies and so on through appropriate funding.  There's really a lot here that we could do, so it all comes down to the appetite of volunteers on OWASP's side and what you think the government's appetite is to help as well.  I think we're certainly open to ideas.

	Again, I don't speak for all of OWASP, but I think this could be a great thing both for Brazil and OWASP.

Robert Hansen, CISSP
CEO -- SecTheory Ltd
Cell: (530) 521-2542
FAX: (512) 628-6299

-----Original Message-----
From: owasp-connections-committee-bounces at lists.owasp.org [mailto:owasp-connections-committee-bounces at lists.owasp.org] On Behalf Of dinis cruz
Sent: Wednesday, August 11, 2010 1:06 PM
To: Lucas Ferreira; global_industry_committee at lists.owasp.org; owasp-connections-committee; OWASP Foundation Board List
Subject: Re: [OCC] OWASP and governments

Hey guys (board, industry and connections) can you help with Lucas request below?

The Brazilian goverment had a great present at the last OWASP conference and we really need to leverage that

Dinis Cruz

Blog: http://diniscruz.blogspot.com
Twitter: http://twitter.com/DinisCruz
Web: http://www.owasp.org/index.php/O2

On 11 August 2010 02:00, Lucas Ferreira <lucas.ferreira at owasp.org> wrote:

	Hello Dinis,

	I have an appointment tomorrow with some people from the Brazilian Presidency (actually people from the Department of Information and Communication Security). They have several actions regarding Information Security and I am trying to get them closer to the OWASP Brazilian Chapter. I'd also like to involve OWASP as a whole in this potential cooperation.

	Do we have any active government-related activities going on? Do we have a baseline on what we can achieve or goals on OWASP-government collaborations?



	Homo sapiens non urinat in ventum.

More information about the Owasp-connections-committee mailing list