Shostack + Friends Blog

 

OWASP Threat Modeling Reboot

Get in, we’re rebooting the OWASP Threat Modeling project!

Alongside Avi Douglen, Brook Schoenfield, John Taylor, and Matt Coles, I've agreed to step up as a project lead for the OWASP threat modeling project.

Our joint statement was posted to #threat-modeling in the OWASP Slack:

We wish to foster a community that enables people to learn, share and create content that serves both OWASP members and those of the broader community. We want to ensure the content made available through this project is both comprehensive and practically-oriented. The direction of the community will build on the foundational work of the past and provide sufficiently clear guidance to ensure that OWASP’s threat modeling resources are cohesive.

We’re getting together to figure out things like defining a set of community activities including calls, and an open process for defining a charter, and plan to have some of that practical stuff by mid-December.

We look forward to revitalizing the OWASP Threat Modeling Project and bringing consistency to the threat modeling practices and guidance supporting OWASP’s mission to be a gold-standard resource for development efforts. We also hope you will be active partners in building this community further.

I encourage anyone who’d like to contribute to get involved by joining Slack and/or conversations on GitHub. You don’t have to be an OWASP member to contribute, but membership is inexpensive and I encourage you to join.

Also, part of having a community project is that I won’t always agree with everything the community decides, and I’m ok with that. So I want to be clear: the project doesn’t necessarily reflect my views and if I need to speak as one of the project leads I’ll say so.