[Owasp-leaders] Fwd: [OWASP ASVS] ASVS 2.0: Volunteers to develop case studies

Sahba Kazerooni sahba.kazerooni at owasp.org
Wed Mar 13 17:25:22 UTC 2013


Hi leaders, as some of you may know, we are working towards a new and
improved ASVS V2.0!

One of the items on our roadmap is to develop one or two major case studies
with companies that have used ASVS successfully.  This will help with
promoting the standard and how it is used by others in the industry.

Has anyone experienced such success, or have any of your
clients/colleagues?  If so, we would appreciate your help in working with
us to put together a case study.

Benefits include:

   - The opportunity to contribute to the project in a way that leaves your
   unique imprint, based on your personal experience in the case study.
   - The development of this material could potentially serve as grounds
   for presentation material at OWASP conferences or chapter meetings.
   - The positive exposure to you and/or your client's organization from
   telling this success story.

Some of the information we'd typically look to collect within a case study
include:

   - A profile of the target organization;
   - The target organization's security landscape prior to ASVS
   implementation (e.g. what policies were already in place, what prompted the
   need for ASVS, etc.);
   - The roadmap or strategy for implementing ASVS (e.g. who was involved,
   how many people, which ASVS level(s) were achieved, how long it took to
   achieve them, challenges, etc.)
   - The resulting effect on the target organization's security posture.

If you or anyone that you know is interested in this opportunity, please
reach out to me directly to coordinate.  Thank you in advance!

-Sahba

---------- Forwarded message ----------
From: Krishna Raja <kraja.lists at gmail.com>
Date: Tue, Feb 12, 2013 at 5:14 PM
Subject: [OWASP ASVS] ASVS 2.0: Volunteers to develop case studies
To: "owasp-application-security-verification-standard at lists.owasp.org" <
owasp-application-security-verification-standard at lists.owasp.org>


Greetings everyone!

As you may know, work is underway on the latest release of ASVS.  A roadmap
has been released, Andrew has made some excellent edits and added useful
content that will serve as a baseline for our next version, and has also
volunteered to take leadership of content updates for the next release.

As part of our roadmap, we are hoping to include some documented case
studies of successful usage/implementation of ASVS in the industry.  Has
anyone experienced such success, or have any of your clients?  If so, would
you be interested in putting together a case study?  Benefits include:

   - The opportunity to contribute to the project in a way that leaves your
   unique imprint, based on your personal experience in the case study.
   - The development of this material could potentially serve as grounds
   for presentation material at OWASP conferences or chapter meetings.
   - The positive exposure to you and/or your client's organization from
   telling this success story.

Some of the information we'd typically look to collect within a case study
include:

   - A profile of the target organization;
   - The target organization's security landscape prior to ASVS
   implementation (e.g. what policies were already in place, what prompted the
   need for ASVS, etc.);
   - The roadmap or strategy for implementing ASVS (e.g. who was involved,
   how many people, which ASVS level(s) were achieved, how long it took to
   achieve them, challenges, etc.)
   - The resulting effect on the target organization's security posture.

Do we have any takers for ASVS case studies?  Please do reach out to me.

Thanks,

Krish

_______________________________________________
Owasp-application-security-verification-standard mailing list
Owasp-application-security-verification-standard at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-application-security-verification-standard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130313/b095b7d9/attachment-0001.html>


More information about the OWASP-Leaders mailing list