[SC-L] SANS Institute - CWE/SANS TOP 25 Most Dangerous Programming Errors
Pravir Chandra
chandra at list.org
Thu Jan 15 16:40:12 EST 2009
On Thu, Jan 15, 2009 at 12:35 AM, Stephen de Vries
<stephen at twisteddelight.org> wrote:
> Interesting articles, and they really whet the appetite for more of
> your maturity model. Can we expect a public/open release?
Since you made mention of the maturity model, I'll toss in my
shameless plug for the SAMM project (Software Assurance Maturity
Model).
For now, only a Beta is available, but it was heavily debated and
refined at the OWASP Summit in November and a new revision is imminent
(within the month). In the meantime, check out the Beta at:
http://www.opensamm.org/downloads/SAMM-BETA-0.8.1.pdf
As soon as the next version is ready, we'll be launching it as an
OWASP project to serve as a new revision to the CLASP project, if
you're familiar with that. I've also been talking to a number of
vendors (both product and services) about supporting the SAMM project
and things are looking positive so far. I encourage anyone with data,
ideas, or motivation to ping me and get involved.
p.
--
~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~ ~~~~~ ~~~ ~~ ~
Pravir Chandra chandra<at>list<dot>org
PGP: CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4
~ ~~ ~~~ ~~~~~ ~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~