
Ensuring Software Assurance Process Maturity



Registration | Hotel | Walter E. Washington Convention Center

The presentation

All organizations—government and commercial—have a growing awareness of the need for an ongoing software assurance initiative. A successful initiative requires that organizations perform appropriate activities at each step in the software lifecycle. Doing so will help ensure organizations can reliably meet software assurance goals, including those related to reliability, resilience, security, and compliance. In order to help organizations begin to tackle assurance goals, Edmund Wotring III (Information Security Solutions, LLC) and Sammy Migues (Cigital, Inc) created the Software Assurance (SwA) Supply Chain Risk Management (SCRM) Checklist. The SwA SCRM Checklist incorporates mappings of several freely available models as a framework to help organizations establish a baseline of their practices. The SwA SCRM Checklist can facilitate better communication and understanding of the risks that may be introduced during software development and acquisitions, and also facilitate selection of a maturity model best suited to an organization’s needs.

Edmund Wotring

Edmund Wotring III is a Senior Security Engineer with Information Security Solutions, LLC. He has supported various federal government clients with security compliance and process improvement initiatives. He has advised senior leadership on how to ensure compliance processes can facilitate effective security. He currently supports the Department of Homeland Security National Cyber Security Division’s Software Assurance program.