Home page logo

basics logo Security Basics mailing list archives

The ISM-Community
From: "Mark Curphey" <mark () curphey com>
Date: Wed, 28 Feb 2007 13:30:07 +0100

I am pleased to announce the ISM-Community (http://www.ism-community.org).

We want to create a vibrant international "community of practice" to bring
together people who have an interest in exchanging and developing ideas,
sharing knowledge and developing community based projects that are genuinely
useful to people.  The community is being setup to flourish without the
baggage of formal standards bodies or commercial company constraints in a
similar model to the OWASP (http://www.owasp.org) . It will be well
organized and run efficiently and we are in the process of registering as a
"not for profit" organization so US companies can sponsor the work with tax

We have three main themes;
.       Projects
.       Online Portal and Publishing
.       Local Chapters and Conference

We will be working on a number of projects and are always looking for new
ideas and people to lead them. At the moment we are getting close to the
release of a first draft of a fast qualitative risk assessment methodology.
Other project ideas include improving the free policy frameworks currently
out there today and building a threats and countermeasures database.  If you
have an idea, would like to work on a project or have already created
something that you think would be useful to others, please consider
launching it or donating it to the ISM-Community (some restrictions apply in
order to ensure the work will always be freely available to everyone). You
can mail me directly. Things can be as simple as spreadsheets to organize
risk assessments up to complete security program material.  We are
specifically looking for someone who is interested in working with us to
develop (and even sponsor) an online database application to map and track
security standards / regulations. 

Online Portal and Publishing
Our portal is now online at http://www.ism-community.org  which supports
publishing articles, blogs, forums/ mailing lists and file galleries. We
will likely install a Wiki in the near future. This makes for a great
platform from which people can collaboratively work on projects of interest.
Each project can have its own discussion forum, and space to publish
documents etc. You can register for an account on the portal for free in
order to participate in a project (post to the forums etc).

We do also have a limited number of blogs available.  If you have something
interesting to say on a regular basis let us know.

Local Chapters
One of the very successful things at OWASP has been local chapters. These
are informal meetings to hook-up local folks. Usually held quarterly in a
company or public location (bars with a private room are good), choose a few
speakers on a few topics, buy some pizza and "voila".  All free of course.
We are looking for people to start Chapters all over the world so if you can
commit to holding a monthly meeting and doing the organizing please drop us
a line. Well get you a space on the portal setup to announce your meetings
and share your local community findings. 

At some point in the future if there is enough interest we will hold some
conferences, probably tacked onto the back or front of some other popular
security conferences. 

We hope you will join us and collaborate on creating some useful projects.
If you think there is a gap or something needs improving there is a very
good chance others do as well. 

Blue Skies!

Mark Curphey

Blog - http://www.securitybuddha.com
Fun - http://www.securitybullshit.com 

This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 


  By Date           By Thread  

Current thread:
  • The ISM-Community Mark Curphey (Feb 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]