Community Site Launch - www.threatsandcountermeasures.com

[Nick Murison <nick () urgusabic net>]

Dear all,

We are proud to announce the launch of ThreatsAndCountermeasures.com, the
home of the Community Secure Software Guide (CSSG), a group of blogs
relating to software security, and eventually (hopefully) a rich community
of security-conscious professionals.

The main aim of this site is to build an open and complete software
security guide, licensed under a creative commons license.  We want it to
be technology agnostic, covering areas including web applications,
server-client systems, mobile apps and many more.  The target members are
mainly designers and developers who want to improve knowledge about
producing secure software, but we welcome the knowledge and experience
from people such as cryptologists, solutions consultants and anyone else
who feels they can make a contribution to the community.

By providing a Wiki system (https://www.threatsandcountermeasures.com/wiki),
we want everyone and anyone to come along and have their say, and we are
really looking for contributors to start adding content straight away.  We
hope the site will be a place where people will be able to add and find
resources on how to solve their security concerns, preferrably before
software passes into live production use.

Initial content has been generously provided by JD Meier and others at
Microsft, in the form of the Threats and Countermeasures guide (https://www.
threatsandcountermeasures.com/wiki/default.aspx/Original.
ThreatsAndCountermeasures.HomePage) and the Building Secure ASP.NET
Applications guide (https://www.threatsandcountermeasures.com/wiki/
default.aspx/Original.BuildingSecureASP.HomePage).  This means the initial
content is quite ASP.NET specific, but this does not mean the site is all
about ASP.NET!  We want the site to cover all aspects of secure software
development.

The site also hosts blogs (https://www.threatsandcountermeasures.com/blogs)
by security professionals, where you will be able to find opinions on the
latest in threats and countermeasures news, as well as other ramblings.

We hope soon to be hosting video interviews of various security
professionals.  The first one is being worked on, so stay tuned!  Bad pun
unfortunately intended.

The site is an amalgamation of several ASP.NET applications, mainly the
FlexWiki engine and the .Text blogging engine.  As the code isn't ours,
we can't make any guarantees that there aren't any working security
examples in the site's code.  If you find any bugs or vulnerabilities,
please let us know, and we'll do our best to fix any problems.

A big thank you goes to JD Meier for being the brains behind the idea of
this site in the first place.  Rudolph Araujo
(https://www.threatsandcountermeasures.com/blogs/rudolph/) deserves most
if not all the credit for ceating the site system, and for fixing any
hitches that we've run into on the way.  Thanks to Michael Silk
(https://www.threatsandcountermeasures.com/blogs/michaels/) and Cameron
Childress (http://www.sumoc.com) for observing and reporting some of those
early hitches.  Mike Andrews
(https://www.threatsandcountermeasures.com/blogs/mikea/) put in a lot of
effort to get the original guides transferred onto the Wiki system, for
which he deserves our gratitude.  Also, thanks to Mark Curphey
(https://www.threatsandcountermeasures.com/blogs/marksblog/) for being the
main driving force behind this project.

Best regards,
Nick Murison
https://www.threatsandcountermeasures.com