[Owasp-leaders] Two and a bit initiatives that I would like to see some sort of indicative interest in

Andrew van der Stock vanderaj at owasp.org
Sun Oct 25 14:10:13 UTC 2015


Hi all,

I was at Ruxcon the last two days, and one of the gaps identified by our
OWASP Brisbane chapter leader is that we don't have security engineering
materials. This has been brewing in my head for the last few hours, and we
have a few other gaps on the early part of the software sausage factory:

Tangible, practical

   - Secure agile development lifecycle (closest match  -
   https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process
   )
   - Security architecture for modern agile teams (We got nothing -
   https://www.owasp.org/index.php/Category:Security_Architecture)
   - Developer and tester focused training. (we have a lot of slides and
   videos, but no coherent list of 101 -> 201 -> 301 or organized by topic in
   a MOOC or eLMS.


What sort of interest do folks have to join in a concerted effort to bring
about these things? I only have so much time, so basically, we need to work
out what we want to do and in which order, and do them.

For the last item, check out the way the Linux Foundation does
certification and training - including free training, which I know is dear
to many folks.

https://training.linuxfoundation.org/free-linux-training

My thoughts as a 501(3)c not for profit, we should probably have a longer
discussion about the last point, and may be leverage the work happening in
the Philippines chapter via John Lee Pita, the OWASP Academy (
http://www.owaspacademy.com)

thanks
Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151026/65968abb/attachment.html>


More information about the OWASP-Leaders mailing list