OWASP SAMM: From zero to hero
Nariman Aga-Tagiev
Dassault Systems, Cybersecurity Engineering Manager
Abstract
This presentation is about my experience with integrating OWASP SAMM into a big and diverse organization from scratch, without external help from consultants.
I will share:
- Strategies to persuade decision-makers to adopt the model
- How to approach first assessments and motivate teams to use it
- Side effects of adopting SAMM: a boost in awareness of and interest in cybersecurity
- How to scale in a diverse and big organization
- Challenges that are still to be solved
Speaker bio
Application security expert with a sportive programming background. Has over two decades of software development experience in a variety of technology stacks, including native cloud.
Since 2016 has been in charge of the Application Security program as well as the Secure Software Development Lifecycle. Has extensive expertise with BSIMM, OWASP SAMM and the NIST SSDF.
Always willing to push oneself beyond one’s comfort zone and take on new technical problems in uncharted domains. Active corporate citizen, member of the Dassault Systemes Great Place to Work ambassadors' team and employee representative at the Committee of European Company.