You have heard the term: Security Champions, or was it Satellites (that sounds weird...)? But what are they really? Is it a good idea? How many companies are doing this? OpenSAMM mentions Security Champions throughout the model document, from identifying the champions to having them contribute to the various phases of the SDLC. How do we measure and recognise that contribution? If you're convinced it needs to be done, how do you manage a Security Champions programme (at scale)? What methods and tools exist? This presentation introduces the new OWASP Top 10 Maturity Categories for Security Champions: method and tool.
Speaker Bio
Lucian is Director of Application Security at Sage. Lucian holds a number of security certifications – MSc ITSec, MA Security Studies, CISSP, CSSLP (a), CISM, CISA, CEH, OSCP, SABSA Foundation and has previously worked in InfoSec/AppSec roles for a total of 15 years. Lucian has also led one of the Romanian OWASP Chapters and is a member of OWASP.