[Owasp-leaders] Call to action: Software Assurance Course syllabus

Tobias tobias.gondrom at owasp.org
Mon Feb 11 07:50:26 UTC 2013

Hi Andrew,

Maybe a small question: will the syllabus and the briefing materials be
open content?

I also like the idea to use the Development Guide, though we really may
want to polish it up before, as the current release version is from 2005
(i.e. 7(!) years old)....
Back in 2010, I believe we had allocated some budget for the update, but
so far I can't see any updates on the project page (but maybe I am
looking in the wrong places).

Best regards, Tobias

On 29/01/13 11:13, vanderaj vanderaj wrote:
> The US Department of Homeland Security, along with the CMU SEI and
> ISC^2 and a few others have set out curricula for undergraduate and
> masters level software assurance courses. These have been endorsed by
> the ACM and IEEE, so from my point of view any further discussion
> within OWASP on certification is done. We need to create a new
> generation of tertiary qualified software assurance folks, and this is
> our chance. 
> Undergraduate of Software Assurance (SwA) Syllabus:
> http://www.sei.cmu.edu/reports/10tr019.pdf
> Masters of Software Assurance (SwA) Syllabus:
> http://www.sei.cmu.edu/reports/10tr005.pdf
> If you're a professional, you NEED to download and review this draft
> software assurance competency model:
> https://buildsecurityin.us-cert.gov/bsi/1165-BSI.html
> I'm going to make sure the OWASP Developer Guide can be the preferred
> text book for both courses, concentrating on the undergraduate
> syllabus requirements as a priority, and hopefully having sufficient
> coverage of the masters syllabus. 
> I'd like OWASP Education Project to develop training modules that
> provides lecturer ready materials following the syllabus outline and
> process for both the undergraduate and masters level courses.  We have
> a few donations that could easily be incorporated into a freely
> available high quality deck in relatively minimal time.
> I'd really like the OWASP Testing Guide (and I have a fresh volunteer
> - please let's talk!) to pick up the baton and just refactor a bit.
> The Testing Guide is mostly there, it just needs a bit more structure
> and a bit of renovation, not a root and branch rewrite like the Guide,
> and is closer to my eventual goal of being able to be updated now and
> then when important new techniques or attacks come up.  
> Thoughts? We're gonna need a lot of volunteers! 
> thanks,
> Andrew
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130211/f6c1b546/attachment-0001.html>

More information about the OWASP-Leaders mailing list