Between helpful guidance and overwhelming information: 5 lessons learned when kickstarting security with SAMM
Clemens Hübner
Software Security Engineer
inovex GmbH
Abstract
In the last two years, we started using OWASP SAMM at several clients with multiple teams. In this talk, we will report our experiences with the framework from the perspective of different teams with varying maturity. We will discuss the guidance SAMM offers, the biggest issues when ramping up a new organization, and things we do differently today than we did some years ago.
The talk gives some perspectives of security professionals relatively new to SAMM and hopefully will contribute to some discussions afterwards.
Speaker Bio
For more than ten years, Clemens Hübner has been working at the interface between software and security. After roles as a software developer and in penetration testing, he joined inovex in 2018 as a software security engineer. Today, he supports development projects at the conception and implementation level, trains colleagues, and advises on DevSecOps.