[Owasp-leaders] ISACA Model Curiculum

Juan Carlos Calderon Rojas juan.calderon at softtek.com
Thu Apr 15 10:34:29 EDT 2010


My opinion and recommendation since Portugal was to create a "kind of" learning paths by type of audience into OWASP materials, that is, something like the following:

1. Software Developers, Top 10 => Developers Guide => Code Review Guide => .....
2. Software Provider, Top 10 => Legal Annex => SAMM => ASVS => ...
3. Security Auditor, Top 10 => ASVS => Testing Guide => WebScarab => WebGoat => Orizon => ...
And so on....

So we can have a "Where to Start" section on the main page with big Image buttons and people can simply click on the one more appropriate for his role or what she/he is interested in learning/becoming, That page will contain a list of materials relevant to them and optionally have access to everything else at the site.

Right now we are "forcing" our audience/users to identify by themselves what is more relevant to them, although they don't know the projects/materials, which ends up in the user giving up or taking the wrong decision like choosing Top 10 as an standard even though we have ASVS.

What do you think?

Regards,
Juan Carlos



De: McGovern, James F. (P+C Technology)
Enviado el: Jue 15/04/2010 5:39
Para: owasp-leaders at lists.owasp.org
Asunto: [Owasp-leaders] ISACA Model Curiculum


ISACA has model curiculum which guides Universities into what is required to educate auditors. Should OWASP have something similar for appsec? http://www.isaca.org/Content/NavigationMenu/Students_and_Educators/Model_Curriculum/Model_Curriculum_Info_Sec_Mgmt_15Dec08.pdf
************************************************************
This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.
************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20100415/6acd6b4d/attachment.html 


More information about the OWASP-Leaders mailing list