Thomas talks about his experiences applying OWASP SAMM at different companies and discusses typical pitfalls to avoid when implementing security activities in the software development life-cycle. Aiming for a consistent maturity level across all security functions may seem appealing on paper, but in practice a more nuanced approach will help you ramp up your security posture much faster. Thomas will discuss how to use your security requirements as the backbone of secure software development and why enabling security champions is a great starting point to kickstart your SSDLC.
Speaker Bio
Thomas has worked as a security consultant at SEC Consult for over 15 years. In his role as principal security consultant and team leader, he not only leads a team of experts but is also still involved hands-on in customer projects. Currently, he is engaged in projects concerning “Secure Software Development” and “Security Architecture”, where he incorporates his experiences as a former penetration tester and security requirements engineer.