We from SOMAP.org strongly believe that Information Security is not a competitive issue. Information Security affects all of us and from sharing intelligence and working together on better tools and utilities we all can benefit.

Everything we work on we share in an open kind so that everybody is able to look at what we have done and to improve it even more.

Security is all about best practices and trust.

Best Practices are developed by a group of persons. A group of persons can become a Community. Open Source is exactly about this. Persons in need of something come together and develop that requirement in an open fashion.

SOMAP.org wants to define and freely distribute a Repository of Best Practices in Risk Management. We therefore chose the "Open Source way" as our method of operation. Only if Rules and Methods are used and accepted by a wide range of persons, it can become a Best Practice.

Besides these thoughts, Security is all about trust. Trust can only be built if one can verify that the things which are said are true and make sense. Because of that, all of SOMAP.org's results and projects are released freely, so they can be analyzed and the users can trust what they see. For us it is very important to act according to Secure by verification.