Securitymetrics.org offers a members-only mailing list. Applications to join the mailing list are vetted by David Mortman. Andrew Jaquith still moderates the list, but is no longer the list-vetter.

Privacy #

The goal for the securitymetrics list is to provide a forum for ideas and innovation in the area of security measurement. We take the privacy of our members seriously. The list of members is known only to the website owner (Andrew) and list manager (David). That’s no guarantee of privacy, of course, but it does mean that what people say on the list, stays on the list.

Vetting Process #

Oh, and one more thing. We screen everyone asking to join the list so we can have some assurance that prospective members are real people, are not obviously in the employ of spammers, and have demonstrated a minimum level of interest in security. The primary research tool for vetting identities is the same as Johnny Long’s: Google. If we can’t figure out who you are, you’ll get a message asking you for more details.

Don’t let the vetting dishearten you: if you’ve been intrepid enough to make it to this web page, you’re probably our sort of person to begin with. If you are still undaunted, here’s the magic link where you can request admission.

Note: if you want to speed up the process a bit, send an e-mail to David’s address, mortman at gmail dot com. We strongly prefer that you use a work address because we have a better chance of verifying that you exist, or at the very least, your employer does. Referrals from current members help, too.

Note about anonymous e-mail accounts: we do not have time to chase down random e-mail addresses like {Glenn <ve6rsx@gmail.com>}. People who insist on using obscure account names are strongly encouraged to send an e-mail, with a referral and an explanation of your interest. Sorry.