SAMM - OWASP Project alignment


Align SAMM with other OWASP projects. Include OWASP projects as resources for the SAMM practices in SAMM v2.0 (started online here)

Why

SAMM provides a program level view of activities for securing software. We need to include more OWASP (and other) projects in this view to help promote both the projects and provide concrete solutions for practitioners. This session will review and recommend projects that could help complete activities identified within SAMM.

What

  • Review existing project alignment
  • Provide recommendations for addition
  • Plan of project and activity alignment

Outcomes

  • Recommendations for addition to SAMM
  • Plan for project and activity alignment

Synopsis and Takeaways

  • We must make sure to remap “Flagship” and “Lab” projects for SAMM Version 2
  • Reach out to “Flagship” and “Lab” leaders to get references to the SAMM project and, if possible, link to an activity or security process.
  • Identify missing tools and artefacts that are needed for different activates
  • Make sure to promote these missing tools and artefacts to encourage people to undertake the project themselves.
  • Map a lower level of granularity; map at a level of activities

Who

The target audience for this Working Session is:

  • Security champions
  • Security architects
  • DevOps Roles
  • CISOs

Working materials

Here are the current ‘work in progress’ materials for this session

(please add as much information as possible before the sessions)

Content

https://www.owasp.org/index.php/Category:SAMM-Resources

…add content…



Back to list of all Working Sessions and Tracks

Edit this page here