OWASP Software Assurance Maturity Model (SAMM) is an open framework to help organizations start and implement a secure software development lifecycle that is tailored to the specific risks facing the organization. During the AppSec USA conference, the SAMM project team organises this workshop for you to influence in which direction SAMM evolves. The workshop is also an excellent opportunity to exchange experiences with your peers.
We will cover the following agenda:
- Introduction / getting to know each other
- Project status and goals
- OpenSAMM inventory of tools and templates
- Case studies / sharing experiences
- What do we need (thinking about improvements, can be anything ranging from translations over tools to model improvements)
- What do we need next (prioritization)
- Call for involvement (responsibilities), identity teams for specific topics
- Rough planning for the future
- Extra topic: source/build control