Navigating DevOps Security journey at Scale using OWASP SAMM 2.0
Hardik Parekh, Senior Director, Head of Product & Application Security, Owasp Samm
OWASP SAMM is the prime maturity model for software assurance that provides an effective and measurable way for all types of organizations to analyze and improve their software security posture. There are many elements to the equation: company risk profile, organizational structure, different stakeholders, technology stacks, tools and processes, and so forth. Implementing software assurance will have a significant impact on the organization. Yet, trying to achieve this without a good framework is most likely leading to just marginal and unsustainable improvements.
In this SnykCon talk Hardik Parekh reviews the new release of the SAMM model and demonstrates it to measure the maturity of an example DevOps team and how you can create a roadmap of activities.
Thirsty for more? Check out Snyk’s DevSecOps Hub for resources and tips you can implement: