[Owasp-boston] OWASP Boston Wed. Nov. 3 meeting

Weiler, Jim Jim.Weiler at starwoodhotels.com
Thu Oct 28 23:33:44 EDT 2010


Main Topic - Open SAMM - Software Assurance Maturity Model

The Software Assurance Maturity Model (SAMM) project is committed to
building a usable framework to help organizations formulate and
implement a strategy for application security that's tailored to the
specific business risks facing the organization. The goal is to create
well-defined and measurable goals that can be used by small, medium, and
large-sized organizations in any line of business that involves software
development.

Presenter - Pravir Chandra, OWASP Open SAMM Project Leader, Director of
Strategic Services at Fortify Software

Comments about Open SAMM - 

"From a consultant's perspective, it's impressive to our clients that
OpenSAMM has been approved not only by us but also by a number of our
industry peers," said Matt Bartoldus, a Director at Gotham Digital
Science, an information security consulting firm. "Plus, its versatility
enables us to apply it to our full range of clients, regardless of the
size, type of software or method of development."

 

"I have conducted, sold and project managed SAMM engagements to
financial service (FS) organisations throughout Europe over the past
years. It is obvious the demand is growing for such services. The rise
in demand of "security at source" be it via code review, secure
development or grey box penetration testing and a supporting framework
to tie it all together and understandably so as SAMM is one of the first
pragmatic benchmarking and assessment frameworks for the somewhat
ancient "Security in the SDLC" challenge."

Eoin Keary, who runs the Ernst & Young application security team across
Europe.

 

http://www.owasp.org/index.php/Boston

 

Date - November 3

Time - 6:30 p.m.

Location and Directions -

Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd.,
Sixth Floor, Waltham, MA

 

From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt.
20. From Rt. 128 South take exit 26 but go around the rotary to get to 20
East to Waltham. Follow signs for Rt. 117 (left at the second light).
When you get to 117 turn left (West). You will cross back over Rt. 128.
Jones Rd. (look for the Waltham Weston Corporate Center sign) is the
second left, at a blinking yellow light, on Rt. 117 going west about 0.1
miles from Rt. 128 (I95). The office building is at the bottom of Jones
Rd. Best parking is to turn right just before the building and park in
the back. Knock on the door to get the security guard to open it. The
room is MPR C.

 

Jim Weiler   CISSP  CSSLP  GSSP-Java

Starwood Hotels and Resorts

Sr. Mgr. Information Security Risk Assessment

Office - 781 356 0067

Cell - 781 654 6048

 


