[Owasp-leaders] OpenSAMM Summit Outcome - notes
mark.miller at owasp.org
Mon Apr 6 13:31:40 UTC 2015
Seba - Congratulations on such a successful event. It was fun watching it
come together. -- Mark
On Mon, Apr 6, 2015 at 12:56 AM, Seba <seba at owasp.org> wrote:
> Last week we had our first OpenSAMM Summit in Dublin on 27-28 March.
> Full agenda for the User and Project Day are available here:
> We had about 30 people gathering on the User day, with presentations (now
> available online (linked in the agenda page), a short OpenSAMM training
> (slides also available) and 2 great round tables to discuss OpenSAMM
> On Friday evening most attendees came together in the centre of Dublin for
> the social event in the Cocktail / Winter Garden at Fade Street Social.
> Great food and lots of Guinness!
> The Project day on Saturday was packed with constructive discussions and
> decisions on the content and release of v1.1 of OpenSAMM and the evolution
> of the tooling & guidance to support is. More details on the OpenSAMM
> Benchmark initiative - which was announce during the User day – were
> presented and debated together with a timeline for the release of the first
> data set (expect this by September 2015).
> The User day meeting notes – together with the list of actions – are
> available here:
> The final release of OpenSAMM v1.1 will be done in the coming weeks. The
> core model will be split of the full document. Some nomenclature changes
> were decided to better cover the underlying OpenSAMM security activities.
> The how-to, templates, toolbox and quick-start guide will be released
> separately and will have their own versioning. The existing mappings from
> other frameworks will also be updated and now includes a mapping on PCI DSS
> Overall feedback scores from the survey on the summit were great. Overall
> score was 93.3 % ! Detailed scores and lessons learned have been captured
> I want to thank all participants, my project co-leaders and the supporting
> sponsors for making this summit a big success!
> I will finish with the following quote: *"The SAMM summit provided an
> opportunity to breathe new life into a framework that I use to facilitate
> my day-to-day work and support my customers."* Bruce C Jenkins, Fortify
> Security Lead, Hewlett-Packard Company
> Stay tuned for the release of OpenSAMM v1.1 and hope to see you at one of
> our next OpenSAMM summits!
> Kind regards,
> OpenSAMM project team
> Also published online here -
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
*Mark Miller, Senior Storyteller*
*Curator and Founder, Trusted Software Alliance*
*Host and Executive Producer, OWASP 24/7 Podcast ChannelCommunity Advocate,
*Developers and Application Security: Who is Responsible?*
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders