[Owasp-leaders] Help Craft the OWASP BSc and MSc Curricula

Adrian Winckles adrian.winckles at owasp.org
Sun Jun 4 10:44:12 UTC 2017


Hi Mateo (cc: Leaders)

This is one of the many workshop discussions at the OWASP Summit (Woburn
CentreParcs/London UK) 12th - 16th June 2017.

Detaills below

What I' trying to do at the Summit  is to explore the possibility of OWASP
developing an educational strategy for security programmes at both
undergraduate and postgraduate levels.

Part of OWASP’s main purpose is to *“Be the thriving global community that
drives visibility and evolution in the safety and security of the world’s
software”*. A key part of that mission is to educate not just the current
generation of developers or information security professionals, but also
the next generation, particularly in the context of the acknowledged skills
shortage in the security sector.

A common problem with many security education programmes (whether cyber or
InfoSec) or even traditional computer science programmes is that they do
not address application security adequately, if at all. In some regions,
attempts have been made to address this deficit. In the UK for example,
ISC2 and the BCS are working on an initiative to embed security firmly
within the Computer Science curriculum, with an emphasis on secure coding
techniques. OWASP, through my involvement, also champions this initiative.

There is an opportunity for OWASP to pull together its wide-ranging
expertise, projects, and dedicated volunteers to engage in these types of
education programmes and initiatives by developing an educational strategy
for undergraduate and postgraduate students. This could take the form of an
open “Standard” template which can be adopted and adapted by diverse
educational partners and organisations. Such a template would also give a
useful starting point or reference document for when we engage with other
professional bodies.
What

   - What aspects of Application Security knowledge and skills does
   industry need?
   - What problems relating to application security does the next
   generation of graduate software developers, computer scientists and
   security analysts need to solve?
   - Establish a core set of learning objectives for BSC/MSc level
   Application Security curricula.
   - Establish which OWASP Projects are useful to help shape and support
   curricula in Application Security.
   - Determine a mechanism by which regional/local deliveries of the
   curriculum could be supported by the OWASP community (for example, OWASP
   supporters on validation panels, critical friend on module design, guest
   lectures and training academics)

Who

The target audience for this Working Session is:

   - OWASP project leaders whose projects have an educational element
   (probably all OWASP Project leaders)
   - Application Security Trainers
   - Academics involved in AppSec and InfoSec
   - Any employer involved in recruiting graduates into application
   security related roles
   - Other organisations/professional bodies with a vested interest in
   application security educational programmes

It would be great to have you on board on the summit , I know Tiffany was
offering £1000/$1000 towards core owasp contributers taking part or also
there are remote participation opporuntities

Be great to have you on board,

Look forward to hearing from you

Thanks

Adrian

On Wed, May 31, 2017 at 9:14 PM, Mateo Martinez <mateomar at gmail.com> wrote:

> Hi Adrián,
>
> I want to help on this.
> This will be discussed during the OWASP Summit or during the project
> Summit?
>
> Thanks,
>
> Mateo
>
> 2017-05-31 15:19 GMT-03:00 Adrian Winckles <adrian.winckles at owasp.org>:
>
>> Hi Carlos
>>
>> There is a list of remote participators on the summit website which I
>> think you can add your name to
>>
>> Thanks
>>
>> Adrian
>>
>> Sent from my iPhone
>>
>> On 31 May 2017, at 17:20, Carlos Serrão <carlos.serrao at owasp.org> wrote:
>>
>> I guess this message below was not copied to everyone!
>> Sorry!
>>
>> On 27 May 2017, at 10:27, Carlos Serrão <carlos.serrao at owasp.org> wrote:
>>
>> Tiffany,
>> I’m deeply interested in participating on this, but I won’t be able to be
>> in London? Is there any other way to be involved remotely?
>>
>> Thank you!
>>
>> On 27 May 2017, at 07:02, Tiffany Long <tiffany.long at owasp.org> wrote:
>>
>> We are looking for educators and security professionals who are
>> interested in helping OWASP develop an official BSc and MSc curricula at
>> the Project Summit in London.  Leaders are eligible to get up to $1,000 in
>> funding be eligible to get funding from the foundation.
>>
>> http://owaspsummit.org/Working-Sessions/Education/
>>
>> Tiffany Long
>> Community Manager
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> *Carlos Serrão*
>> OWASP <http://www.owasp.org/>.PT
>> <http://www.owasp.org/index.php/Portuguese> chapter
>>
>> [image: owasp.org] <http://www.owasp.org/>
>> blog <https://www.carlosserrao.net/> | skype | linkedin
>> <http://pt.linkedin.com/in/carlosserrao> | twitter
>> <http://twitter.com/#!/pontocom> | facebook
>> <https://www.facebook.com/carlosserrao> | google+
>> <https://profiles.google.com/u/0/carlos.j.serrao/about>
>>
>>
>> *Carlos Serrão*
>> OWASP <http://www.owasp.org>.PT
>> <http://www.owasp.org/index.php/Portuguese> chapter
>>
>> [image: owasp.org] <http://www.owasp.org>
>> blog <https://www.carlosserrao.net> | skype | linkedin
>> <http://pt.linkedin.com/in/carlosserrao> | twitter
>> <http://twitter.com/#!/pontocom> | facebook
>> <https://www.facebook.com/carlosserrao> | google+
>> <https://profiles.google.com/u/0/carlos.j.serrao/about>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170604/179b76d9/attachment.html>


More information about the OWASP-Leaders mailing list