The Trusted Software Alliance was founded in May of 2013 to raise public and professional awareness of application security as a major risk in application development. We capture the thoughts, ideas and trends as seen by the most important voices in the appsec industry. This includes a series of “50 in 50 Interviews”, highlighting the most influential people and companies working on application security.
We are working with OWASP to define a series of industry best practices for managing vulnerability and risks in open source component usage. The project, Good Component Practices, is a community effort of companies and people interested in managing open source component risk at the enterprise level.
A second initiative of TSWA is to promote surveys and major reports created by members of the open source security community. We currently have two ongoing reports. The first is a weekly status update from Central Repository displaying downloads and other information about the previous week’s activities in Central. The second is a Website Security Statistics Report created by Jeremiah Grossman‘s team at WhiteHat Security. As we find more reports, we will make them available.
In a third initiative, the Trusted Software Alliance is interested in supporting the work of the top influencers in the industry and is in the process of creating a series based upon our research of the most influential voices in application security. The interview podcast, “50 in 50 Interviews“, is live, one-one conversations with these influencers, examining the ideas and trends within the application security industry.
We welcome all members of the appsec community to participate in this initiative, whether it be through article contributions, research reports and survey data.