Ottawa

Meetings Location
Third Brigade: 40 Hines Rd Suite 200 Ottawa, Ontario, Canada K2K 2M5 Map

RSVP
Please RSVP to owasp.ottawa@gmail.com. Please include name, company and how many attendees.

Next Meeting: Tuesday, November 4th, 2009
Meeting Sponsor: 

Meeting schedule:

5:45-6:15 Pizza, wings and pop 6:15-7:00 Main presentation 7:00-7:30 Open discussion and questions

Speaker: Pravir Chandra

Software Assurance Maturity Model (OpenSAMM) The Software Assurance Maturity Model (SAMM) into a software development organization. Covering more than typical SDLC-based models for security, SAMM enables organizations to self-assess their security assurance program and then use recommended roadmaps to improve in a way that's aligned to the specific risks facing the organization. Beyond that, SAMM enables creation of scorecards for an organization's effectiveness at secure software development throughout the typical governance, development, and deployment business functions. Scorecards also enable management within an organization to demonstrate quantitative improvements through iterations of building a security assurance program. This workshop will introduce the SAMM framework and walk through useful activities such as assessing an assurance program, mapping an existing organization to a recommended roadmap, and iteratively building an assurance program. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/

About The Speaker Pravir Chandra is Director of Strategic Services at Fortify Software and works with clients on software security assurance programs. Pravir is recognized for his expertise in software security, code analysis, and his ability to strategically apply technical knowledge. Prior to Fortify, he was a Principal Consultant affiliated with Cigital and led large software security programs at Fortune 500 companies. Pravir Co-Founded Secure Software, Inc. and was Chief Security Architect prior to its acquisition by Fortify. He recently created and led the Open Software Assurance Maturity Model (OpenSAMM) project with the OWASP Foundation, leads the OWASP CLASP project, and also serves as member of the OWASP Global Projects Committee. Pravir is author of the book Network Security with OpenSSL. Bruce holds a degree in Computer Systems Engineering as well as industry standard qualifications.

Previous Meetings
September 10th, 2009 - Justin Foster - Speaker Notes: Download Here

April 6th, 2009 - Rafal Los - Speaker Notes: Download Here

July 16th, 2008 - John Linehan - Speaker Notes:

November 28th, 2007 - Eric Klien - Make my day