[Owasp-leaders] Fwd: Scheduling SWAMP/OWASP Call Regarding Partnership - week of 7/7

Tom Brennan tomb at owasp.org
Thu Jul 3 03:05:35 UTC 2014


Apologies in advance if you are getting this 2x, first attempt crashed
and burned to get the project/chapters leaders list


---------- Forwarded message ----------
From: Tom Brennan <tomb at owasp.org>
Date: Wed, Jul 2, 2014 at 10:42 PM
Subject: Re: Scheduling SWAMP/OWASP Call Regarding Partnership - week of 7/7
To: "Miller, Allyson" <AMiller at continuousassurance.org>


Thank you for this Allyson,

cc: to a few others leaders on the OWASP side to get a heads up on the
proposed agenda and raise their hand or contact you directly if they
want to get personally involved or add items to the DHS SWAMP project.

Depending on the response it may make sense for you to host a webex to
allow more attendance of interested parties.  I'm available on either
day currently proposed, send a invite I will join as one of the many
volunteers if possible.

There are a LOT of items on this list all good BTW. With my OWASP Hat
on everyone welcomes the opportunity to work together with the US
Government to help the OWASP Mission of "Raising Software Security
Awareness" -- is this .PDF still the CURRENT roadmap of the project?

http://www.dhs.gov/sites/default/files/publications/csd-day-3-02-tta14-swamp-livny.pdf
it was linked to from this page: http://www.dhs.gov/csd-swamp.

It would appear that you are in a important phase of the project reaching
out to a professional association like OWASP.

If I could recommend Allyson that your team and project sponsors
review the OWASP Goverment Bodies green-book that is on the home page
of www.owasp.org (right side navigation)
https://www.owasp.org/images/d/de/OWASP_Green_Book-Governmental_Bodies.pdf
and we add that to the agenda for alignment of principals and goals.

As you know OWASP is global and not just based in the USA so best to
be as transparent as possible as we start these discussions; then
enable folks to join tasks forces if they want to help out.

Personally as previously expressed, I really like the DHS, Software
Assurance Market Place (SWAMP) for what it could do for all OWASP
open-source code projects (for those that you can support) raising the
quality level.  I am sure the project leaders and attendees of
APPSECUSA 2014 would be really interested in the GRANT MONEY that you
have budgeted for 2015 and the process to respond to the solicitation
of what SWAMP is looking to fund as a OWASP open-source project in its
final deliverable.

** For anyone reading this asking what is SWAMP and how can it help
your open-source project TODAY check out
https://continuousassurance.org/

Although I do not foresee anything on your agenda needed a "VOTE" by
the board of directors -- as all of these things our staff can handle
today, we do have a meeting coming up on July 9th see:
https://www.owasp.org/index.php/Board#tab=Agenda_for_2014_Meetings
should it be needed. Your team is WELCOMED to attend it as is everyone
adding new business as anyone is in raising NEW BUSINESS or community
support/concerns etc.

Tom Brennan
Vice Chairman, OWASP Foundation
973-202-0122





On Wed, Jul 2, 2014 at 10:59 AM, Miller, Allyson
<AMiller at continuousassurance.org> wrote:
> Hi Tom, Sarah, and Josh,
>
> What times would you and any others from the OWASP team be available for a
> call during the week of 7/7? Based on the agenda below that I sent out on
> Friday, I’d be happy to coordinate a meeting time with others, if needed.
>
> Since Johanna was going to be out of the office during the week of 7/7, I
> scheduled a call with her and the SWAMP team to discuss any lingering
> technical issues and questions that have come up since our last call with
> her. However, I did want to wait to discuss the agenda items below until the
> week of 7/7 once we have more people on the phone. Let me know if you have
> any questions/concerns/updates to the agenda below, and I look forward to
> receiving some meeting times from you.
>
> Thanks!
>
> Ally Miller
> Administrative Assistant
> Software Assurance Marketplace (SWAMP)
> Office: (608) 316-4266 | Cell: (608) 630-0936
> amiller at continuousassurance.org
>
> Morgridge Institute for Research
> 330 N. Orchard St. Madison, WI 53715
> morgridgeinstitute.org | continuousassurance.org
>
>
>
> Hi everyone,
>
> Here is the proposed agenda for the partnership call during the week of 7/7.
> If you have any questions/concerns/additions to the below, just let me know.
> Also, please send me your availabilities ASAP once you know who all will
> attend. (Note, since Johanna will be out the week of 7/7, I’m scheduling a
> quick call with her separately next week.)
>
>
> Agenda for OWASP-SWAMP Strategic Partnership Call
>
>
>
> ·      Defining what the “strategic partnership” means and noting any
> exceptions/boundaries.
>
> ·      What we can do to help each other and how to do that.
>
> o   SWAMP is planning a Press Release to formally announce the partnership
> during AppSec.
>
> o   Other opportunities at AppSec
>
> §  Co-hosting a party/event/meal?
>
> §  Holding a press conference and panel discussion
>
> §  OWASP to have a spot in SWAMP booth?
>
> §  OWASP to participate in the press conference
>
> §  OWASP to speak to selected editors/press, as needed
>
> §  Should SWAMP have an in-booth presentation every hour or so?
>
> §  Can we co-brand giveaway items to celebrate the partnership?
>
> o   Co-brand a release or a communiqué targeted at OWASP members about using
> SWAMP
>
> o   Work together on blog posts, whitepapers, and other marketing activities
>
> o   Adding OWASP’s current software analysis tools (and ones still under
> development) to the SWAMP.
>
> o   Collaborating on upcoming OWASP initiatives pertaining to
> continuous/software assurance
>
> §  OSSAP (OWASP Software Security Assurance Process)
>
> §  Any other OWASP initiatives SWAMP should be aware of?
>
> o   What else is OWASP willing to do to promote SWAMP?
>
> o   No hiring of each other’s employees
>
> ·      Other topics/open discussion
>
> o   Demo/Webinar of the technical aspects of the SWAMP for the OWASP
> community, including points from Tom Brennan’s email.
>
> o   Doing a survey of the SWAMP and OWASP fellowship about their experiences
> with continuous assurance (for a news release/story to pitch to the press)
>
>
>
> Thanks, and have a great weekend!
>
> Ally Miller
> Administrative Assistant
> Software Assurance Marketplace (SWAMP)
> Office: (608) 316-4266 | Cell: (608) 630-0936
> amiller at continuousassurance.org
>
> Morgridge Institute for Research
> 330 N. Orchard St. Madison, WI 53715
> morgridgeinstitute.org | continuousassurance.org
>
>
>
> What's the agenda we can rally interested parties.
>
> Tom Brennan
> 973-202-0122
>
> On Jun 26, 2014, at 9:42 AM, "Miller, Allyson"
> <AMiller at continuousassurance.org> wrote:
>
> Hi OWASP folks,
>
> I’d like to schedule a call with your team and a few of us from the SWAMP,
> including Kevin Greene, regarding the formation of our strategic
> partnership. Could you send me your availabilities? Due to APPSEC Europe and
> the upcoming 4th of July holiday, we’d like to schedule a call during the
> week of 7/7. Would some time on Tuesday, July 8 work?
>
> Thanks!
>
> Ally Miller
> Administrative Assistant
> Software Assurance Marketplace (SWAMP)
> Office: (608) 316-4266 | Cell: (608) 630-0936
> amiller at continuousassurance.org
>
> Morgridge Institute for Research
> 330 N. Orchard St. Madison, WI 53715
> morgridgeinstitute.org | continuousassurance.org
>
>


-- 
Tom Brennan
https://www.linkedin.com/in/tombrennan
973-202-0122


More information about the OWASP-Leaders mailing list