Enterprise Application Risk Profiling

Description:

A talk on application risk profiling at enterprise scale (an OWASP SAMM activity - https://owaspsamm.org/model/design/threat-assessment/stream-a/). I will discuss digital transformation in the enterprise, how it affects cloud-native applications developed using agile methodologies, and the resulting oscillating application risk rating, which in turn triggers prioritized security-related activities by application security engineers.

Key topics will include:

  • Creating a baseline application risk profile

  • Dynamic characteristics of application risk factors

  • Significant changes that trigger security reviews

Speakers:

Alex Mor

Global Director of Application Security, ABInBev