[Owasp-leaders] 2012 Rugged Summit

Jerry Hoff jerry at owasp.org
Thu Aug 30 18:24:05 UTC 2012


Hello all,

Nice work! Although my first reaction was: Honey badgers? Ice-T? Seriously? 

I think this is an interesting document - but I hope as an organization and as an industry we focus on reproducible best practices, quantitative metrics and real data behind works such as this one, rather than yet another reformulation / restatement of the same basic advice we as an industry have been preaching over the years.

A guide such as this coming out of actual metrics and real-world best practices would be much more appealing. The blurbish case studies at the end should have driven the document, instead of the other way around. 

Not trying to be antagonistic - just food for thought. 

Jerry





On Aug 30, 2012, at 1:49 PM, "Tom Brennan" <tomb at owasp.org> wrote:

> A Software Security Philosophy *RELEASED* 2012-Aug is creating quite a buzz around in a very short time -- this was a HOT TOPIC at last week's DHS / US-CERT event in the USA.
> 
> http://www.ruggedsoftware.org/docs/RuggedHandbookv4.pdf
> 
> In summary a group of well-known participants spent a week together, developing the details; kudos to them for volunteering their time with attribution to OWASP
> 
>  Justin Berman
>  John Bernero
>  Nick Coblentz
>  Josh Corman
>  Gene Kim
>  Jason Li
>  John Pavone
>  Ken van Wyk
>  John Wilander
>  Jeff Williams
>  Chris Wysopal
> 
> If you would like to get involved see:  http://www.ruggedsoftware.org/about.html
> 
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list