[Owasp-leaders] OpenSAMM Summit Outcome - notes

Mark Miller mark.miller at owasp.org
Mon Apr 6 13:31:40 UTC 2015


Seba - Congratulations on such a successful event. It was fun watching it
come together.  -- Mark

On Mon, Apr 6, 2015 at 12:56 AM, Seba <seba at owasp.org> wrote:

> hi,
>
> Last week we had our first OpenSAMM Summit in Dublin on 27-28 March.
>
> Full agenda for the User and Project Day are available here:
>
> https://www.owasp.org/index.php/OWASP_SAMM_Summit_2015
>
> We had about 30 people gathering on the User day, with presentations (now
> available online (linked in the agenda page), a short OpenSAMM training
> (slides also available) and 2 great round tables to discuss OpenSAMM
> experiences.
>
> On Friday evening most attendees came together in the centre of Dublin for
> the social event in the Cocktail / Winter Garden at Fade Street Social.
> Great food and lots of Guinness!
>
> The Project day on Saturday was packed with constructive discussions and
> decisions on the content and release of v1.1 of OpenSAMM and the evolution
> of the tooling & guidance to support is. More details on the OpenSAMM
> Benchmark initiative - which was announce during the User day – were
> presented and debated together with a timeline for the release of the first
> data set (expect this by September 2015).
>
> The User day meeting notes – together with the list of actions – are
> available here:
>
>
> https://docs.google.com/document/d/1pC4har75olF1WPZaqRfXFG9T3SS_qoEUvHkEynE0iTI
>
> The final release of OpenSAMM v1.1 will be done in the coming weeks. The
> core model will be split of the full document. Some nomenclature changes
> were decided to better cover the underlying OpenSAMM security activities.
> The how-to, templates, toolbox and quick-start guide will be released
> separately and will have their own versioning. The existing mappings from
> other frameworks will also be updated and now includes a mapping on PCI DSS
> v3.
>
> Overall feedback scores from the survey on the summit were great. Overall
> score was 93.3 % ! Detailed scores and lessons learned have been captured
> here:
>
>
> https://docs.google.com/document/d/1tHdZFjsNwqhD1iYXBQyrgtBLLI_sTRn_kx8HSyKqNEY
>
> I want to thank all participants, my project co-leaders and the supporting
> sponsors for making this summit a big success!
>
> I will finish with the following quote: *"The SAMM summit provided an
> opportunity to breathe new life into a framework that I use to facilitate
> my day-to-day work and support my customers."* Bruce C Jenkins, Fortify
> Security Lead, Hewlett-Packard Company
>
> Stay tuned for the release of OpenSAMM v1.1 and hope to see you at one of
> our next OpenSAMM summits!
>
> Kind regards,
>
> Seba
>
> OpenSAMM project team
>
> Also published online here -
> http://www.opensamm.org/2015/04/opensamm-summit-dublin-outcome/
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
*Mark Miller, Senior Storyteller*
*Curator and Founder, Trusted Software Alliance*

*Host and Executive Producer, OWASP 24/7 Podcast ChannelCommunity Advocate,
Sonatype*

*Developers and Application Security: Who is Responsible?*
<https://www.surveymonkey.com/s/Developers_and_AppSec>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150406/d48e6579/attachment.html>


More information about the OWASP-Leaders mailing list