Difference between revisions of "OpenSAMM Adopters"

From OWASP
Jump to: navigation, search
(List of Organizations Adopting OpenSAMM)
m
 
(7 intermediate revisions by 2 users not shown)
Line 12: Line 12:
 
| Dell, Inc. || Michael J. Craigue || Information Security & Compliance || Technology || US || ''OWASP.org is a valuable resource for any company involved with online payment card transactions. Dell uses OWASP’s Software Assurance Maturity Model (OpenSAMM) to help focus our resources and determine which components of our secure application development program to prioritize. Participation in OWASP’s local chapter meetings and conferences around the globe helps us build stronger networks with our colleagues.''
 
| Dell, Inc. || Michael J. Craigue || Information Security & Compliance || Technology || US || ''OWASP.org is a valuable resource for any company involved with online payment card transactions. Dell uses OWASP’s Software Assurance Maturity Model (OpenSAMM) to help focus our resources and determine which components of our secure application development program to prioritize. Participation in OWASP’s local chapter meetings and conferences around the globe helps us build stronger networks with our colleagues.''
 
|-
 
|-
|<Fill in Organisation Name> || <Fill in Contact First Name, Family Name> || <Fill in Contact role in the organisation>|| <Fill in Organisation Type: Government, Finance, Healthcare, ...>|| <Fill in Region: Continent, Country>|| ''<Fill in Contact Testimonial>''
+
| KBC || Johan Jacobs || ICT Department Head || Banking || Europe || -
 
+
|-
 +
| Gotham Digital Science || Matt Bartoldus || Co-Founder & Director || Security services || Global || ''SAMM has defined the building blocks for effective software security assurance… Our clients can use the model to see what needs to be done and what skills and resources are needed to do the job. Best of all, businesses can use SAMM to quantify results and improvements by assessing practices against SAMM activities.''
 +
|-
 +
| Fortify Software || Brian Chess || Founder & Chief Scientist || Security services || Global || ''These days people understand that security has to be built in–it can’t be bolted on.  But for many a big question remains: what does it take to build secure software?  SAMM tackles that question head on with a framework for creating and growing a software security initiative.  SAMM has focused the way I think about the human side of the software security problem.''
 +
|-
 +
| ING Insurance International || Rob Moes || IT Security Manager || Insurance || Europe || ''Within ING Insurance International we adopted SAMM as it is a practical standard which provides guidance to build an Secure Application Development organization in clear and distinctive steps.''
 +
|-
 +
| ISG || Christian Heinrich || Application Security Manager || Health || Australia || ''ISG has integrated both OpenSAMM and BSIMM to measure security improvement over time in addition to our overall measurement of the "Capability Maturity Model for Software Development" published by Carnegie Mellon University".
 +
|-
 +
| SITA <br>(http://www.sita.aero)  || Dave Ockwell-Jenner || VP Product Security || Air Transport ITC  || Global || ''Our organization initiated it's software security program in response to the changing threat landscape in our industry. We adopted SAMM as the primary framework to plan, design, and drive implementation across our global software development organization. Combined with governance, training and an evolutionary approach to implementation (courtesy of SAMM) we have seen an approximate 75% increase in maturity and corresponding drop in potential security defects over the course of the program. Secure Software Development is now business-as-usual!''.
 +
|-
 +
| HP <br>(http://www.hp.com)  || Brian Hanson || Senior Security Architect || IT services || Global || ''When it came to evaluating product development environments,  HP’s scale and density presented a tough challenge for us. OpenSAMM has proved to be an invaluable tool to baseline our current SDL maturity and measure onward improvements.  Importantly, we are able to easily demonstrate our current capability level vis-à-vis industry standards and provide compelling business cases for our future investment portfolio.''
 +
|-
 +
|<Fill in Organisation Name> || <Fill in Contact First Name, Family Name> || <Fill in Contact role in the organisation>|| <Fill in Organisation Type: Government, Finance, Healthcare, ...>|| <Fill in Region: Continent, Country>|| ''<Fill in Contact Testimonial - OPTIONAL>''
 
|}
 
|}

Latest revision as of 07:39, 14 July 2015

List of Organizations Using OpenSAMM

Organization Name Contact Role Organization Type (*) Region Testimonial
Dell, Inc. Michael J. Craigue Information Security & Compliance Technology US OWASP.org is a valuable resource for any company involved with online payment card transactions. Dell uses OWASP’s Software Assurance Maturity Model (OpenSAMM) to help focus our resources and determine which components of our secure application development program to prioritize. Participation in OWASP’s local chapter meetings and conferences around the globe helps us build stronger networks with our colleagues.
KBC Johan Jacobs ICT Department Head Banking Europe -
Gotham Digital Science Matt Bartoldus Co-Founder & Director Security services Global SAMM has defined the building blocks for effective software security assurance… Our clients can use the model to see what needs to be done and what skills and resources are needed to do the job. Best of all, businesses can use SAMM to quantify results and improvements by assessing practices against SAMM activities.
Fortify Software Brian Chess Founder & Chief Scientist Security services Global These days people understand that security has to be built in–it can’t be bolted on. But for many a big question remains: what does it take to build secure software? SAMM tackles that question head on with a framework for creating and growing a software security initiative. SAMM has focused the way I think about the human side of the software security problem.
ING Insurance International Rob Moes IT Security Manager Insurance Europe Within ING Insurance International we adopted SAMM as it is a practical standard which provides guidance to build an Secure Application Development organization in clear and distinctive steps.
ISG Christian Heinrich Application Security Manager Health Australia ISG has integrated both OpenSAMM and BSIMM to measure security improvement over time in addition to our overall measurement of the "Capability Maturity Model for Software Development" published by Carnegie Mellon University".
SITA
(http://www.sita.aero)
Dave Ockwell-Jenner VP Product Security Air Transport ITC Global Our organization initiated it's software security program in response to the changing threat landscape in our industry. We adopted SAMM as the primary framework to plan, design, and drive implementation across our global software development organization. Combined with governance, training and an evolutionary approach to implementation (courtesy of SAMM) we have seen an approximate 75% increase in maturity and corresponding drop in potential security defects over the course of the program. Secure Software Development is now business-as-usual!.
HP
(http://www.hp.com)
Brian Hanson Senior Security Architect IT services Global When it came to evaluating product development environments, HP’s scale and density presented a tough challenge for us. OpenSAMM has proved to be an invaluable tool to baseline our current SDL maturity and measure onward improvements. Importantly, we are able to easily demonstrate our current capability level vis-à-vis industry standards and provide compelling business cases for our future investment portfolio.
<Fill in Organisation Name> <Fill in Contact First Name, Family Name> <Fill in Contact role in the organisation> <Fill in Organisation Type: Government, Finance, Healthcare, ...> <Fill in Region: Continent, Country> <Fill in Contact Testimonial - OPTIONAL>