Integrating SAMMv2 into Consulting Assessments
In this session, Tony Cargile, Regional Director of NCC Group, will be walking through a hypothetical assessment of a typical client engagement NCC Group conducts when assessing an organizations Software Development Lifecycle program. In this walk through, Mr. Cargile will be discussing how NCC Group has integrated SAMM version 2.0 into their guidance and reporting structure, giving their clients world class advice while adhering to an industry standard that allows companies to compare apples to apples. This session is great for any attendee that wants to understand how SAMM maps to multiple organizations and integrates with cutting edge advice for organizations of varying maturity.
Tony Cargile is a Regional Director with NCC Group, a global information security firm specializing in application, network, and mobile security. At NCC Group, Tony has participated in and led projects ranging from single consultant short-term engagements to 50 consultant month-long projects. Specializing in application security, Tony has performed reviews of a vast array of products in both white-box and black-box methodologies in languages across the spectrum. In addition to contributing to NCC Group’s assessments, Tony is the practice lead for the Security Development Lifecycle Service Line, developing methodologies, service offerings and overseeing all SDL engagements. Prior to NCC Group, Tony was a professional programmer and received a bachelor’s in Computer Science from the University of Texas at Austin.