This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

People, Process, and Technology: OWASP Impact on the SwA Processes and Practices Working Group

Jump to: navigation, search


Registration | Hotel | Walter E. Washington Convention Center

The presentation

Owasp logo normal.jpg
Application security is an evolving field, and one that gets more complex each day as the threats and challenges increase. By integrating traditional process-improvement methods with application security considerations, rather than viewing application security as an afterthought, organizations establish the foundation to deliver security continuously throughout the lifecycle. This presentation will highlight the positive impact that OWASP efforts have had on the SwA Processes and Practices Working Group efforts to increase the adoption of application security practices through the use of people, process, and technology.

Michele Moss

Michele Moss is Lead Associate at Booz Allen Hamilton. She leads the development, integration, and benchmarking of security engineering and software assurance processes within Booz Allen’s Organizational Standard Processes. Michele assists government organizations with tailoring industry best practices and capability maturity models (CMMI, Assurance for CMMI, RMM, and SSE-CMM) to mature their systems/software development, operational, information assurance, project management, and support practices. Michele led the development and Booz Allen pilot of the Assurance Process Reference Model for CMMI. She provides expert support on ICT Supply Chain Risk Management and Software Assurance to DoD Trusted Mission Systems and Networks and is an active contributor to the evolution of International Cyber Security standards through the US Technical Advisory Group for ISO/IEC JTC1/SC7. She Co-Chairs the DHS Software Assurance Working Group on Processes & Practices and has spoken at multiple industry events on software assurance implementation, benchmarking and measurement. Michele holds a CISSP and CSSLP.