[Owasp-guide] [Owasp-leaders] Call to action: Software Assurance Course syllabus

John Menerick jmenerick at netsuite.com
Tue Feb 12 02:07:35 UTC 2013

<html><body>The Development Guide progress is happening, just slower than expected.  See the mailing list for additional details.


John Menerick

On Feb 10, 2013, at 11:50 PM, Tobias wrote:

> Hi Andrew, 
> interesting. 
> Maybe a small question: will the syllabus and the briefing materials be open content? 
> I also like the idea to use the Development Guide, though we really may want to polish it up before, as the current release version is from 2005 (i.e. 7(!) years old)....
> Back in 2010, I believe we had allocated some budget for the update, but so far I can't see any updates on the project page (but maybe I am looking in the wrong places).
> Best regards, Tobias
> On 29/01/13 11:13, vanderaj vanderaj wrote:
>> The US Department of Homeland Security, along with the CMU SEI and ISC^2 and a few others have set out curricula for undergraduate and masters level software assurance courses. These have been endorsed by the ACM and IEEE, so from my point         of view any further discussion within OWASP on certification is done. We need to create a new generation of tertiary qualified software assurance folks, and this is our chance. 
>> Undergraduate of Software Assurance (SwA) Syllabus:
>> http://www.sei.cmu.edu/reports/10tr019.pdf
>> Masters of Software Assurance (SwA) Syllabus:
>> http://www.sei.cmu.edu/reports/10tr005.pdf
>> If you're a professional, you NEED to download and review this draft software assurance competency model:
>> https://buildsecurityin.us-cert.gov/bsi/1165-BSI.html
>> I'm going to make sure the OWASP Developer Guide can be the preferred text book for both courses, concentrating on the undergraduate syllabus requirements as a priority, and hopefully having sufficient coverage of the masters syllabus. 
>> I'd like OWASP Education Project to develop training modules that provides lecturer ready materials following the syllabus outline and process for both the undergraduate and masters level courses.  We have a few donations that could easily be incorporated into a freely available high quality deck in relatively minimal time.
>> I'd really like the OWASP Testing Guide (and I have a fresh volunteer - please let's talk!) to pick up the baton and just refactor a bit. The Testing Guide is mostly there, it just needs a bit more structure and a bit of renovation, not a root and branch rewrite like the Guide, and is closer to my eventual goal of being able to be updated now and then when important new techniques or attacks come up.  
>> Thoughts? We're gonna need a lot of volunteers! 
>> thanks,
>> Andrew
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> Owasp-guide mailing list
> Owasp-guide at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-guide

NOTICE: This email and any attachments may contain confidential and proprietary information of NetSuite Inc. and is for the sole use of the intended recipient for the stated purpose. Any improper use or distribution is prohibited. If you are not the intended recipient, please notify the sender; do not review, copy or distribute; and promptly delete or destroy all transmitted information. Please note that all communications and information transmitted through this email system may be monitored by NetSuite or its agents and that all incoming email is automatically scanned by a third party spam and filtering service

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-guide/attachments/20130211/72c236a5/attachment.html>

More information about the Owasp-guide mailing list