[Owasp-leaders] ISO/IEC 27034

Jason Alexander jason.alexander at owasp.org
Sat Aug 17 14:40:37 UTC 2013


Shame the standard is not released under an open source license. I have
access to it through work and it's a good document.
On 16 Aug 2013 04:34, "Jonathan Marcil" <jonathan.marcil at owasp.org> wrote:

> Hi OWASP Leaders,
>
> The current email is to let you know that I have been invited to
> represent OWASP at an ISO/IEC 27034 (Information technology — Security
> techniques — Application security) meeting by Luc Poulin the main
> project editor. It is held this week at Microsoft office in Montreal.
>
> Basically I'm here to contribute to the discussion with practical
> application security knowledge and OWASP projects. I'm, of course, just
> really speaking "about OWASP" and not "for OWASP".
>
> We are also planning to propose some new OWASP projects, and especially
> one that will create Application Security Controls (ASCs) as described
> in the standard from OWASP Top 10 entries and other projects.
>
> The ASCs in 27034 are actually made in an XML format and are not only
> documentation but a normalized representation of an application security
> control, so the mapping is rather different that was done with OpenSAMM
> on http://www.opensamm.org/2012/04/mapping-samm-to-isoiec-27034/.
>
> You can find more details about the standard at :
> http://www.iso27001security.com/html/27034.html
>
> If anyone is interested on the subject, feel free to reply to this
> email. We haven't even started the process to create the new projects
> but will welcome any help.
>
> Thanks,
>
> --
>  - Jonathan Marcil
>    OWASP Montreal Chapter Leader
>    https://www.owasp.org/index.php/Montr%C3%A9al
>    jonathan.marcil at owasp.org
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130817/41915370/attachment.html>


More information about the OWASP-Leaders mailing list