[Owasp-leaders] Profiling as software Open Source organization

johanna curiel curiel johanna.curiel at owasp.org
Tue Mar 3 19:43:49 UTC 2015


-- I would like to see more serious/uptodate instruments that can be used
in dev appsec trainings, so that we use owasp webgoat xyz and not invent
ones, as we do today.

There are projects doing this, the OWASP mobisec was selected as training
course this Blackhat USA 2015

https://www.blackhat.com/us-15/training/assessing-and-exploiting-mobile-applications-with-owasp-mobisec.html

If many feel we want to do this then we need to work on this and help
develop it

regards

Johanna


On Tue, Mar 3, 2015 at 3:37 PM, Timur 'x' Khrotko (owasp) <timur at owasp.org>
wrote:

> Great topic!
>
> Quick sidenotes:
> -- Some time ago it was stated that OWASP is not to maintain
> enterprise-compliant software projects, since the lack of support
> capabilities. The other reading of this would be that we may maintain
> serious sw projects, but outsource the support, and there can be a scheme
> for this.
> -- As a reflection to the Google Summer Code 15 failure, I would suggest
> that we should force ourselves into a position where some of the
> *cool/attractive* appsec related projects on the GitHub will be willing to
> belong under the OWASP umbrella. The must be a benefit of bearing the owasp
> brand in the name, eg. professional approval and promotion.
> -- I would like to see more serious/uptodate instruments that can be used
> in dev appsec trainings, so that we use owasp webgoat xyz and not invent
> ones, as we do today.
>
>
> ~timur
> owasp hu chapter // appsec propagandist
> +36309225777, +79217697577, +12318468790
> < w <https://www.owasp.org/index.php/Hungary>, g
> <https://plus.google.com/communities/101439162562517684078>, f
> <https://fb.com/owasp.hu>, l <http://www.linkedin.com/groups?gid=4692397>,
> t <https://twitter.com/owasp_hu>, m <http://www.meetup.com/OWASP-HU/> />
>
> On Tue, Mar 3, 2015 at 8:12 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>> Leaders
>>
>> I would like to hear ideas on how could we become more a open source
>> 'software' organization similar to Mozilla, Samba
>>
>> We need to define:
>>
>>    - What kind of software we want to build
>>    - Focus and invest our 'development' and improvements efforts into
>>    the most successful projects (example:ZAP, APPSENSOR, ModSecurity Rules,
>>    CRSF..etc)
>>    - Allow incubators to work as experimentation and help the most
>>    promising develop into successful ones
>>    - Market the projects as 'Products'
>>    -
>>
>> More ideas?
>>
>> I think is time we take projects into the next level
>>
>> regards
>>
>> Johanna
>>
>>
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> This message may contain confidential information - you should handle it
> accordingly.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150303/5a36eabd/attachment.html>


More information about the OWASP-Leaders mailing list