owaspsamm / website Goto Github PK
View Code? Open in Web Editor NEWThe OWASP SAMM Website
Home Page: https://owaspsamm.org
The OWASP SAMM Website
Home Page: https://owaspsamm.org
At this moment there does not seem to be an obvious way to view the activity identifiers (such as eg. G-PC-A-1) next to the actual text. I suggest to have these identifiers mentioned on the website and pdf (perhaps even the assessment sheet?), so there is a uniform way to mention and link activities
Add Galah Cyber and GuidePoint Security LLC
Derived from owaspsamm/samm-suite#40
Reported by @KGABSWEDEN
After removing the contact form from the main menu when we added the resources section, we need to add the contact form back through other pages and add it to the community menu.
Draft is available in Google Drive for core team 'Blogs' folder.
Toreon appears twice
Reported by @KGABSWEDEN
Update the link to the Google Sheets Assessment link to point to the 2.0.6 version of the Google Sheets as Google doesn't like to allow stomping the same file for versioning.
https://docs.google.com/spreadsheets/d/1a8aH4_nwZq9M_5_t_tX8DGpblivKdzQcwU_T6t8OEYQ/view
Also, please remove the reference to the ConcordUSA tool as it is not actively maintained or reflective of the current SAMM.
Can add references to SAMMY and Sammwise if appropriate.
The diagram showing an overview of the model on the about page ist using a completely different color scheme then the one established previously in the (Excel or Google) spreadsheet toolbox or the original overview diagram of SAMM v2.
I would suggest sticking to the established colours for all resources.
The Learn more link in the cookie consent banner pointed to this URL, which is no longer available
https://www2.owasp.org/www-policy/operational/privacy
This is the current version of OWASP's privacy policy:
https://owasp.org/www-policy/operational/privacy
Update and contact OWASP to change the current draft for a final version.
One the Events page, the link to the AppSec NZ 2021 OWASP SAMM: Status and Roadmap is now 404. The external site link has been changed.
The new link is: https://appsec.org.nz/conference-2021/speakers.html
Create a blog to announce the SAMM Practitioners
Create a blog post for the website detailing how SAMM fits in to an ISO27001 certified ISMS
In July, at the latest, once it becomes obsolete.
Add link to the newsletter page in the resources section.
Add guidance in many forms (mappings, projects, references, tools, best practices, ...) to the SAMM activities.
We bootstrap this with an MVP using Google Docs and Forms to insert/update the SAMM Guidance.
In this MVP we will bootstrap 30 Guidance Docs (one per SAMM Stream).
Each of these Guidance Docs will be linked form the Model pages on the website.
Update link to get invitation here:
https://owaspsamm.org/contributing/
https://owaspsamm.org/faq/
Part 1
Trying to translated filled out 1.5v assessments into the v2 format. Do you have a tool that I would be able to use to translate it into the v2 format so we could identify just the new questions being asked?
Appreciate any help you may be able to give. :)
Add Intrasoft & Optiv to the practitioners list
Users should contact us for admission to SUD23 if they have a full pass for the conference
Extend deadline for submissions to Sep 25.
the recording from the virtual Global AppSecEU 2022 is online here - https://docs.google.com/spreadsheets/d/1kimShFGWATiajvqvc89n-4jFoMahtXO0oCRpdnEHdtc/edit#gid=481705626 (added a column) - can you add this to the Archive on https://owaspsamm.org/events/?
Wiki link in website readme.md is broken
In the following places I found links that still point to the old GitHub repository (https://github.com/OWASP/samm):
Use the info in these documents to update the page:
Registration link:
https://www.eventbrite.com/e/owasp-global-appsec-washington-dc-2023-tickets-519195877847
Call for presentations form:
https://forms.gle/2xYo8z4w7VyoxTqf8
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.