Thursday, September 25, 2008


CMMi and IT Security

I find it fascinating in learning of how many members of OWASP find much of CMMi silly. The notion of documenting bad process gets you to level three is the joke of the century.

Pravir Chandra presented at the OWASP conference, the notion of a maturity model that is being led by Brian Chess and the folks over at Fortify and will be in the near future published under OWASP which was well received. If you would like to learn more about this activity, please join the OWASP mailing list here...

Links to this post:

Create a Link

<< Home
| | View blog reactions

This page is powered by Blogger. Isn't yours?