Free

Secure development: BSIMM, SAMM and Sugar!

Event Information

Share this event

Date and Time

Location

Location

Nordnet AB

39 Alströmergatan

112 47 Kungsholmen

Sweden

View Map

Event description

Description

Owasp Stockholm, together with our sponsor Nordnet, invites you to an evening about security in development, and different models to improve the security posture from a development point of view.

BSIMM

The Building Security In Maturity Model (BSIMM) (http://bsimm.com/) is a unique tool built from an observation-based approach to capturing the collective activities of diverse software security initiatives. We initiated data gathering and analysis in 2008 with nine firms. There are now over 100 participant organisations in BSIMM, and we have measured many of these organisations more than once. Though secure software initiatives differ, all share common ground. BSIMM captures and describes this common ground. It therefore functions as a universal yardstick, capable of measuring any software security initiative and facilitating strategic planning for ongoing software security improvement. This talk will provide an introduction to version 9 of the model, how you can apply it to your organisation, and what benefits you can achieve in measuring your initiative.

Nick Murison is a Managing Consultant in Synopsys’ Software Integrity Group, and the European lead for BSIMM. His primary responsibility is the successful delivery of software security services to Synopsys’ clients across multiple industry verticals in Northern Europe. Nick holds a MSc in Information Security from Royal Holloway, University of London.


Running a Security Program like a Champion

Security improvement programs are hard. They require long term commitment and executive sponsorship to be possible at all. I will talk about my experiences from running security programs using the OWASP SAMM framework. Where should you start and how can you scale up to include all teams in the work.

Sebastian Åkerman is a Developer, Product integrator, Security Architect and coach with more than 20 years of experience in secure development. Now days Sebastian combines his acquired skills in helping clients improve their maturity in secure application development. Working as a consultant at Omegapoint has allowed him to experience many different dev orgs with varying interest in the security aspect of development.


Trust and Sugar

Combining sugar with behavioral phycology to improve the security posture.
Hugo Hirsh is part of the SecOps team at Kambi, a B2B sports betting company. He is passionate about bringing the learnings of Behavioral Psychology to Infosec, and has a passion for learning by doing, and frequently being found out of his depth.


Share with friends

Date and Time

Location

Nordnet AB

39 Alströmergatan

112 47 Kungsholmen

Sweden

View Map

Save This Event

Event Saved