[SAMM] [Owasp-leaders] OWASP SAMM - project reboot and change of leadership

Matteo Meucci matteo.meucci at mindedsecurity.com
Mon Jan 28 11:51:05 UTC 2013


Hi,
great news Seba!

I gave my support for SAMM v1.0 and I used the framework to give some real assessments. I'd like to contribute again to improve the model. 

As I said to Pravir, I think the key point of the Sw Assurance is 
the fixing process. That's vital for every organization.
As we know that bugs are expected, the most important information 
is how the Company implements the fixes (fix responsability, time of exposure, recheck process). That's should be great to add next version.
What do you think?

Thanks,
Mat


On 01/28/2013 08:34 AM, Colin Watson wrote:
> Seba
> 
> Great news. I am pleased to offer my time to support you, Kuai, Bart,
> and all the other contributors with revitalising SAMM.
> 
> Colin
> 
> On 27 January 2013 19:28, Seba <seba at owasp.org> wrote:
>> Hi,
>> 
>> During the last month I have exchanged emails/calls with Pravir, Samantha
>> and lots of other people who have supported SAMM in the past.
>> 
>> SAMM
>> (https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model)
>> is an important OWASP project and needs an active project team to push it to
>> the next level and maintain it in the future.
>> 
>> 
>> I will take over the OWASP SAMM project leadership for 2013 with as main
>> objectives:
>> 
>> 1) build a list of (reference) organisations that use SAMM
>> 
>> 2) create a SAMM user group to exchange experience and organise user group
>> workshops/summits at the major OWASP conferences
>> 
>> 3) build SAMM v1.1 or v2.0, based on gathered input on the SAMM mainling
>> list, project participants and the SAMM user group meetings,
>> 
>> This would include linking in other OWASP projects (see
>> https://www.owasp.org/images/8/8f/Setting_up_a_Secure_Development_Life_Cycle_with_OWASP_-_Seba_Deleersnyder.pptx)
>> and integrating the material that has been published on www.opensamm.org
>> since the first version of SAMM.
>> 
>> 
>> Together with Pravir and Samantha we agreed on a project leadership
>> transfer.
>> 
>> Pravir will stay on as co-lead. Other co-leaders will be Kuai Hinojosa and
>> Bart De Win.
>> 
>> Colin Watson also indicated to want to participate in the project.
>> 
>> 
>> I will set up a doodle for a kick-off gotomeeting call in the coming weeks.
>> 
>> Looking at the interest shown last November:
>> http://lists.owasp.org/pipermail/samm/2012-November/thread.html I hope to
>> have your active participation as project co-lead, contributor or reviewer
>> in the coming year!
>> 
>> 
>> Kind regards,
>> 
>> Seba
>> 
>> seba at owasp.org
>> 
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> 
> _______________________________________________
> SAMM mailing list
> SAMM at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/samm

-- 
Matteo Meucci
CEO, Minded Security
Mobile: +39 3283019559

Site:http://www.mindedsecurity.com
Blog:http://blog.mindedsecurity.com
Twitter:http://www.twitter.com/mindedsecurity
DOMinator Pro is now available:https://dominator.mindedsecurity.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/samm/attachments/20130128/7e4ac456/attachment.html>


More information about the SAMM mailing list