OWASP ISO Project
OWASP ISO Project
The OWASP ISO Project aims to gather participants to help improve the ISO Standard. We aim to improve all ISO standards about Application Security and Secure Coding by working with the following ISO Groups :
- ISO/IEC JTC 1/SC27 - ISO/IEC JTC 1/SC 22
There will be 2 meetings per working group at ISO per year.
OWASP ISO Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
What is XXX?
OWASP XXX provides:
Link to presentation
News and Events
This project can be purchased as a print on demand book from Lulu.com
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:
As of February 2014, the priorities are:
1/ Setting up a OWASP ISO Project 2/ Having a small group of what we call OWASP ISO Liaison. In the OWASP Terminology it's an OWASP Project leader(s). 3/ Setting some contributors to the OWASP Project.
Role of the OWASP ISO Liaison: This is mostly "project manager(s)". He need to find the good contributors in the OWASP projects/community to review and or contribute to the ISO guidances. OWASP ISO Liaison must attend and participate to the ISO Working Group physically and to ISO Ad-hoc meeting remotely or physically (depending of the meeting site).
Role of the OWASP Contributors : This is mostly an expert on the subject. They contribute in reviewing/commenting and or contributing to the ISO guidances. => Best Effort role.
OWASP Contributor can be a chapter leader to facilitate for the country langage/facilities/... or project leader or event just a member as long as the OWASP ISO Liaison trust him.
OWASP Contributor can also decide to join in and help the OWASP ISO Liaison online as well. An OWASP ISO Liaison can also be OWASP Contributor at the same time if the opportunity is there.
Costs/Charges : - There is 2 meeting per working group at ISO per year. It's seem OWASP could be in 2 group. So there will be 4 meeting/year for OWASP ISO Liaison. - I think a OWASP ISO Liaison agent will have a charge of 1 or 2 day per month to compile and exchanges with the contributors/ISO.
I recommend to have 3 or 4 OWASP ISO Liaison all over the world. (EU, US, ASIA, ...) to optimize flying cost and timezone attend to the meetings
Involvement in the development and promotion of the OWASP ISO Project is actively encouraged! You do not have to be a security expert in order to contribute.
Some of the ways you can help:
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?