SecAppDev 2024 lecture details
A complete view of application security with OWASP SAMM
This session introduces the OWASP SAMM framework and gives you a clear overview of the application security landscape. It will also help you understand how organizations should deal with software security at scale.
Tuesday June 4th, 11:00 - 12:30
Room Lemaire
Abstract
Organizations often deal with security reactively, after the system has been deployed. Recent trends focus on the importance of shifting left. However, a mature approach to application security requires a systematic and continuous effort across all stages of the software development lifecycle.
In this session, we will introduce how application security programs address the challenge of developing and maintaining secure software systems. We will zoom in on the OWASP Software Assurance Maturity Model (SAMM), which is the industry standard worldwide.
Security is a journey; OWASP SAMM is the map.
Key takeaway
Learn about the full scope of application security, and how activities such as secure design, coding, pen testing, and DevOps fit into this view.
Content level
Introductory
Target audience
CISO, Security Professionals, Software Architects, Developers, Breakers/Testers, Ops
Prerequisites
None
Aram Hovsepyan
CEO, Codific
Expertise: Application security programs, Secure software development
Related lectures
Winning the war in cyber
Keynote lecture by Jessica Robinson in room Lemaire
Monday June 3rd, 09:15 - 10:30
How well we adapt continues to influence our security strategies, our creativity, and our culture, in our companies and in our industry. It seems starting with ourselves is a natural place to begin.
Key takeaway: What the evolution of the security practitioner, and leader, will look like in the future in winning the daily battles in cybersecurity.
Security-centric app development: the itsme® use case
Introductory lecture by Steve Mihy and Eric Bariaux in room Lemaire
Tuesday June 4th, 09:00 - 10:30
In this session, we will look at the history of the itsme® app and highlight how at every step security was at the forefront of the development. From the initial design to adding new features, the focus on security was never lost.
Key takeaway: The itsme® use case demonstrates how to keep security at the core of application development throughout its evolution.
AppSec is changing
Keynote lecture by Erlend Oftedal in room Lemaire
Wednesday June 5th, 16:00 - 17:15
In this keynote we will look at how appsec has been changing over the last 10 years and discuss what might come in the future.
Key takeaway: Overview of appsec as a field and where it's going.