[Owasp-leaders] Should OWASP have an Enterprise Architecture?

Andrew van der Stock vanderaj at owasp.org
Thu Nov 27 00:47:25 EST 2008


Recently David Meier made contact with me re: Development Guide 3.0  
work. I have tasked him with hopefully working on the architecture  
chapter for the Development Guide 3.0. This will be 3000 words of  
architectural goodness, which we have discussed as being possibly the  
basis for an "OWASP Architecture Guide".

I think the first step is to get a rough draft of the chapter and see  
if that's where everyone's head space is at. Remember, this chapter  
solves the Development Guide's issues in the first instance. We can  
always fine tune or extend it considerably into its own Guide later to  
solve other issues or be more complete.

thanks,
Andrew

On Nov 20, 2008, at 6:32 PM, dinis cruz wrote:

> I agree with James that there are parts of OWASP that should have a  
> technological roadmap and an enterprise architecture (in fact I had  
> a conversation at the Summit on this exact subject).
>
> I view this as part of the maturing of OWASP technology and tools.  
> It is not a show stopper at the moment, but if we keep growing at  
> the current pace, it will defenitely become an issue in 12 to 18  
> months
>
> The question is who is going to have a go at it :)
>
> Dinis  Cruz
>
> 2008/11/18 McGovern, James F (HTSC, IT) <James.McGovern at thehartford.com 
> >
> I know that OWASP is driven by its members and will go wherever they  
> lead them, but does that mean that OWASP should not have a roadmap?  
> How does OWASP move up the maturity ladder? How does OWASP help  
> drive value above and beyond just creating a loose collection of  
> projects such that they form a cohesive whole?
>
> Does OWASP need an enterprise architecture?
>
> ************************************************************
> This communication, including attachments, is for the exclusive use  
> of addressee and may contain proprietary, confidential and/or  
> privileged information.  If you are not the intended recipient, any  
> use, copying, disclosure, dissemination or distribution is strictly  
> prohibited.  If you are not the intended recipient, please notify  
> the sender immediately by return e-mail, delete this communication  
> and destroy all copies.
> ************************************************************
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


thanks,
Andrew van der Stock
Lead Author, OWASP Guide and OWASP Top 10




-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-leaders/attachments/20081127/b58be2eb/attachment.html 


More information about the OWASP-Leaders mailing list