This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Ottawa"
(→Next Meeting: Tuesday, October 20th, 2009) |
(→Next Meeting: Tuesday, October 20th, 2009) |
||
| Line 13: | Line 13: | ||
Please RSVP to [email protected]. Please include name, company and how many attendees. | Please RSVP to [email protected]. Please include name, company and how many attendees. | ||
| − | == Next Meeting: Tuesday, | + | == Next Meeting: Tuesday, November 4th, 2009 == |
'''Meeting Sponsor: ''' | '''Meeting Sponsor: ''' | ||
| Line 19: | Line 19: | ||
{| width="900" border="0" align="left" cellpadding="1" cellspacing="1" | {| width="900" border="0" align="left" cellpadding="1" cellspacing="1" | ||
|- | |- | ||
| + | | [http://www.fortify.com http://www.owasp.org/images/7/7e/FORTIFY_LOGO_MED.jpg] | ||
| [http://www.2keys.ca http://www.owasp.org/images/7/75/2keys_%28big%29.jpg] | | [http://www.2keys.ca http://www.owasp.org/images/7/75/2keys_%28big%29.jpg] | ||
| [http://www.inverselabs.com http://www.owasp.org/images/0/00/Inverse_labs_logo_white.jpg] | | [http://www.inverselabs.com http://www.owasp.org/images/0/00/Inverse_labs_logo_white.jpg] | ||
| Line 37: | Line 38: | ||
'''Meeting schedule:''' | '''Meeting schedule:''' | ||
| − | 6:00-6:30 | + | 6:00-6:30 Pizza, wings and pop |
6:30-7:30 Main presentation | 6:30-7:30 Main presentation | ||
7:15-8:00 Open discussion and questions | 7:15-8:00 Open discussion and questions | ||
| − | '''Speaker: | + | '''Speaker: Pravir Chandra''' |
| − | ''' | + | '''Software Assurance Maturity Model (OpenSAMM)''' The Software Assurance Maturity Model (SAMM) into a software development organization. Covering more than typical SDLC-based models for security, SAMM enables organizations to self-assess their security assurance program and then use recommended roadmaps to improve in a way that's aligned to the specific risks facing the organization. Beyond that, SAMM enables creation of scorecards for an organization's effectiveness at secure software development throughout the typical governance, development, and deployment business functions. Scorecards also enable management within an organization to demonstrate quantitative improvements through iterations of building a security assurance program. This workshop will introduce the SAMM framework and walk through useful activities such as assessing an assurance program, mapping an existing organization to a recommended roadmap, and iteratively building an assurance program. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/ |
| − | |||
| − | ' | ||
| − | |||
| − | |||
| + | '''About The Speaker''' Pravir Chandra is Director of Strategic Services at Fortify Software and works with clients on software security assurance programs. Pravir is recognized for his expertise in software security, code analysis, and his ability to strategically apply technical knowledge. Prior to Fortify, he was a Principal Consultant affiliated with Cigital and led large software security programs at Fortune 500 companies. Pravir Co-Founded Secure Software, Inc. and was Chief Security Architect prior to its acquisition by Fortify. He recently created and led the Open Software Assurance Maturity Model (OpenSAMM) project with the OWASP Foundation, leads the OWASP CLASP project, and also serves as member of the OWASP Global Projects Committee. Pravir is author of the book Network Security with OpenSSL. | ||
Bruce holds a degree in Computer Systems Engineering as well as industry standard qualifications. | Bruce holds a degree in Computer Systems Engineering as well as industry standard qualifications. | ||
Revision as of 01:58, 21 October 2009
OWASP Ottawa
Welcome to the Ottawa chapter homepage. The chapter leaders are Mike Sues and Sherif Koussa
<paypal>Ottawa</paypal>
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Meetings Location
Third Brigade: 40 Hines Rd Suite 200 Ottawa, Ontario, Canada K2K 2M5 Map
RSVP
Please RSVP to [email protected]. Please include name, company and how many attendees.
Next Meeting: Tuesday, November 4th, 2009
Meeting Sponsor:
|
|
|
|
|
Meeting schedule:
6:00-6:30 Pizza, wings and pop 6:30-7:30 Main presentation 7:15-8:00 Open discussion and questions
Speaker: Pravir Chandra
Software Assurance Maturity Model (OpenSAMM) The Software Assurance Maturity Model (SAMM) into a software development organization. Covering more than typical SDLC-based models for security, SAMM enables organizations to self-assess their security assurance program and then use recommended roadmaps to improve in a way that's aligned to the specific risks facing the organization. Beyond that, SAMM enables creation of scorecards for an organization's effectiveness at secure software development throughout the typical governance, development, and deployment business functions. Scorecards also enable management within an organization to demonstrate quantitative improvements through iterations of building a security assurance program. This workshop will introduce the SAMM framework and walk through useful activities such as assessing an assurance program, mapping an existing organization to a recommended roadmap, and iteratively building an assurance program. Time allowing, additional case studies will also be discussed. OpenSAMM is an open a free project and has recently been donated to the Open Web Application Security Project (OWASP) Foundation. For more information on OpenSAMM, visit http://www.opensamm.org/
About The Speaker Pravir Chandra is Director of Strategic Services at Fortify Software and works with clients on software security assurance programs. Pravir is recognized for his expertise in software security, code analysis, and his ability to strategically apply technical knowledge. Prior to Fortify, he was a Principal Consultant affiliated with Cigital and led large software security programs at Fortune 500 companies. Pravir Co-Founded Secure Software, Inc. and was Chief Security Architect prior to its acquisition by Fortify. He recently created and led the Open Software Assurance Maturity Model (OpenSAMM) project with the OWASP Foundation, leads the OWASP CLASP project, and also serves as member of the OWASP Global Projects Committee. Pravir is author of the book Network Security with OpenSSL. Bruce holds a degree in Computer Systems Engineering as well as industry standard qualifications.
Previous Meetings
September 10th, 2009 - Justin Foster - Speaker Notes: Download Here
April 6th, 2009 - Rafal Los - Speaker Notes: Download Here
July 16th, 2008 - John Linehan - Speaker Notes: Download Here
