[SAMM] OWASP SAMM - project reboot and change of leadership

Thomas Volpe Sr. tvolpesr at verisgroup.com
Tue Jan 29 23:58:05 UTC 2013

Seba -

I want to offer to support you guys as a contributor or reviewer in the comming year.  I recently used the model for an  evaluation on a government agency contract and found it very useful.

Let me know how I can get involved to support the initiative.


Thomas G. Volpe Sr., CSSLP
Software Security Specialist

Office: 571-722-1721
Cell: 410-371-4960
Veris Group | 8229 Boone Blvd., | Ste 750 | Vienna, VA 22182
E – tvolpesr at verisgroup.com<mailto:tvolpesr at verisgroup.com> | I – www.verisgroup.com<http://www.verisgroup.com/>

* 8(a) Small Disadvantaged Business
* FedRAMP Accredited 3PAO
* CMMI Maturity Level 2
* INC.5000 Awardee
* Washington Technology Fast 50 Awardee
* VA Chamber of Commerce Fantastic 50 Awardee
* VA SPQA “12 To Watch” Awardee
NOTICE: This electronic mail message is intended exclusively for the individual or entity to which it is addressed. This message, together with any attachment, may contain confidential and privileged information. Any unauthorized review, use, print, retention, copy, disclosure, or distribution is strictly prohibited. If you have received this message in error, please immediately advise by reply email message to the sender and delete all copies of this message.
From: samm-bounces at lists.owasp.org [samm-bounces at lists.owasp.org] on behalf of Seba [seba at owasp.org]
Sent: Sunday, January 27, 2013 2:28 PM
To: Software Assurance Maturity Model (SAMM); OWASP Leaders
Subject: [SAMM] OWASP SAMM - project reboot and change of leadership


During the last month I have exchanged emails/calls with Pravir, Samantha and lots of other people who have supported SAMM in the past.

SAMM (https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model) is an important OWASP project and needs an active project team to push it to the next level and maintain it in the future.

I will take over the OWASP SAMM project leadership for 2013 with as main objectives:

1) build a list of (reference) organisations that use SAMM

2) create a SAMM user group to exchange experience and organise user group workshops/summits at the major OWASP conferences

3) build SAMM v1.1 or v2.0, based on gathered input on the SAMM mainling list, project participants and the SAMM user group meetings,

This would include linking in other OWASP projects (see https://www.owasp.org/images/8/8f/Setting_up_a_Secure_Development_Life_Cycle_with_OWASP_-_Seba_Deleersnyder.pptx) and integrating the material that has been published on www.opensamm.org<http://www.opensamm.org> since the first version of SAMM.

Together with Pravir and Samantha we agreed on a project leadership transfer.

Pravir will stay on as co-lead. Other co-leaders will be Kuai Hinojosa and Bart De Win.

Colin Watson also indicated to want to participate in the project.

I will set up a doodle for a kick-off gotomeeting call in the coming weeks.

Looking at the interest shown last November: http://lists.owasp.org/pipermail/samm/2012-November/thread.html I hope to have your active participation as project co-lead, contributor or reviewer in the coming year!

Kind regards,


seba at owasp.org<mailto:seba at owasp.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/samm/attachments/20130129/50dcf395/attachment.html>

More information about the SAMM mailing list