[Owasp-leaders] Projects looking for volunteers

Azzeddine Ramrami azzeddine.ramrami at owasp.org
Tue Aug 20 16:03:04 UTC 2013


Hi,
I am working as Enterprise Security Architecture and I propose to lead the
following Project: Framework Security.

I am working on SABSA and TOGAF 9.
Regards,

Azzeddine RAMRAMI
+33 6 65 48 90 04
Enterprise Security Architect
OWASP Leader
Mozilla Security Projects Mentor
Mile2 Senior Instructor
------------------------------
From: Michael Coates
Sent: 20/08/2013 16:55
To: OWASP Leaders
Subject: [Owasp-leaders] Projects looking for volunteers

(This will also go to the global initiatives for volutneers too. But we
need some core leaders first).

Leaders,

I have a few projects I've been mulling around in my mind and wanted to
share more broadly. I certainly don't have the cycles to own or lead each
of them. But I'd be happy to provide thoughts or guidance to anyone that
wants to take one and run with it.

*Project*: Framework Security
*Idea*: We need to work with frameworks to get security controls added. I
believe the standalone security features are the wrong approach and think
that the right path for adoption is getting missing controls added to
frameworks.
*Needs*: I propose we create the framework security project to unite 3
groups of people in this effort. Project leaders (to manage the overall
project), lisasons (to work and collaborate with frameworks), developers
(to fork and code the missing security controls).
*Anyone interested? If so, we'll make this a project and start moving.*


*Project*: Application Security Program
*Idea*: A project that captures security programs from end to end. It's not
all about secure coding, pen testing, static analysis etc... This project
will detail real security programs from  corproations developing software.
This includes end to end thinking about security. Think project will also
link to available owasp tools and resource for each stage.
*Needs*: I need a few other security leaders that are running application
security programs in large organizations. For this particular project I
feel security experience from working at a company and leading such a
program is the most needed skill to make this project effective.
*Anyone interested? If so, we'll make this a project and start moving.

*
*Project:* AppSecNews
*Current Status: *Back end support is up and running. We migrated to
feedblitz software that will aggregate multiple rss feeds. We also have
recommended software for our curators to use that allows easy sharing of
articles.
Project Leader: Michael Coates
*Needs*: We'll be looking to formalize this as a project and make a call
for curators (max 3), requests for application security blogs, and also a
mailing list for anyone interested.
*More info: *
https://www.owasp.org/index.php/AppSecNews_Curation
https://www.owasp.org/index.php/Application_Security_News


--
Michael Coates | OWASP | @_mwc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130820/8008ffae/attachment.html>


More information about the OWASP-Leaders mailing list