[Owasp-leaders] Marketing OWASP

James McGovern JMcGovern at virtusa.com
Mon Oct 18 08:56:45 EDT 2010

Had an idea for how to better market OWASP but first a few mini-stories.


Ever heard of James Governor and Redmonk? He is a noted industry analyst
who brought on the concept of open source analysis. His first open
source research was entitled: Compliance Oriented Architectures. I had a
twitter dialog with him over the weekend regarding future open source
publications in the security space.


Several months I ago, I had a conversation with another noted industry
analyst who covers the information security space who made me a lot
smarter regarding analyst pay-for-play and got enlightened as to why I
had it 100% wrong. The thesis is that it doesn't benefit an analyst firm
to say anything nice about a company, but rather something negative but
otherwise correctable. Since the best way to influence an analyst is to
pay them for their time, the value proposition of being good isn't
always good.


I remember attending the OWASP 2008 NYC conference where I got into a
conversation with Rohyt Belani and how he discussed it was futile to
expect outsourcing firms to write secure software without paying extra
for it. Of course, I took it as a personal challenge to prove him wrong.
I had a very, very small success working with Cognizant in this regard.


I currently share frequent thoughts on maturity as part of the SAMM list
based on my observations of my past and current employer.


So, combining these thoughts, I believe we could do well to
participate/champion/contribute to the creation of an open source
research report that measures the ability of outsourcing firms to
deliver software. If we can inject into the outsourcing conversation
something other than rate arbitrage and CMMI, we may be able to move the
industry. It is OWASP that is best positioned to provide analyst
guidance in this regard and to acknowledge that with the exception of
governments, the vast majority of software development is shifting
towards countries with less overall software development experience.


I would use my internet socialization skills to rally up a few analysts
to write and publish research in this space in a 100% open manner.


James McGovern
Insurance SBU 

Virtusa Corporation

100 Northfield Drive, Suite 305 | Windsor, CT | 06095

Phone:  860 688 9900 Ext:  1037 | Facsimile:  860 688 2890  

  <http://www.virtusa.com/>    <http://www.virtusa.com/blog/>   

Virtusa was recently ranked and featured in 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list, 2009 Deloitte Technology Fast 500 and 2009 Dataquest-IDC Best Employers Survey among others.


This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 1397 bytes
Desc: image001.jpg
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0001.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 744 bytes
Desc: image002.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0004.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1211 bytes
Desc: image003.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0005.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 789 bytes
Desc: image004.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0006.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 763 bytes
Desc: image005.gif
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101018/d3f24ffb/attachment-0007.gif 

More information about the OWASP-Leaders mailing list