[Owasp-leaders] 2012 Rugged Summit
tomb at owasp.org
Thu Aug 30 20:18:02 UTC 2012
Good feedback -- cc to the guys leading the effort.
A suggestion was already floated on getting it up on a wiki hmmm I know a group that has a wiki *cough* https://www.owasp.org/index.php/Category:OWASP_RuggedSoftware -- for community review and contribution to sections or to take inbound feedback for Version 5.0 or a another working group that is open to anyone who wants to attend and contribute.
Will relay what we hear to the list; poke the badgers, bears and ice-T @ http://www.ruggedsoftware.org/about.html
From: Jerry Hoff [mailto:jerry at owasp.org]
Sent: Thursday, August 30, 2012 2:24 PM
To: tomb at owasp.org
Cc: <owasp-leaders at lists.owasp.org>
Subject: Re: [Owasp-leaders] 2012 Rugged Summit
Nice work! Although my first reaction was: Honey badgers? Ice-T? Seriously?
I think this is an interesting document - but I hope as an organization and as an industry we focus on reproducible best practices, quantitative metrics and real data behind works such as this one, rather than yet another reformulation / restatement of the same basic advice we as an industry have been preaching over the years.
A guide such as this coming out of actual metrics and real-world best practices would be much more appealing. The blurbish case studies at the end should have driven the document, instead of the other way around.
Not trying to be antagonistic - just food for thought.
On Aug 30, 2012, at 1:49 PM, "Tom Brennan" <tomb at owasp.org> wrote:
> A Software Security Philosophy *RELEASED* 2012-Aug is creating quite a buzz around in a very short time -- this was a HOT TOPIC at last week's DHS / US-CERT event in the USA.
> In summary a group of well-known participants spent a week together, developing the details; kudos to them for volunteering their time with attribution to OWASP
> Justin Berman
> John Bernero
> Nick Coblentz
> Josh Corman
> Gene Kim
> Jason Li
> John Pavone
> Ken van Wyk
> John Wilander
> Jeff Williams
> Chris Wysopal
> If you would like to get involved see: http://www.ruggedsoftware.org/about.html
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
More information about the OWASP-Leaders