logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Sebastien Deleersnyder, Bart De Win
2023-02-15

Are you looking for an effective and measurable way to analyze and improve your organization's software security posture? Look no further! During this talk, Seba and Bart, the co-leaders of the OWASP SAMM project, will introduce you to OWASP SAMM v2.1 - the premier maturity model for software assurance. They will provide a thorough overview of how to use SAMM in your organization and highlight the new features of the recently released v2.1. In addition, they will share the results of our 2022 SAMM survey and provide an update on the revamped SAMM benchmark initiative. Don't miss this opportunity to learn from the experts and take your organization's software security to the next level!
Authors: Ricardo Katz, James Strong
2022-10-28

tldr - powered by Generative AI

The presentation discusses the complexity of managing the Ingress Nginx project and the roadmap for future developments.
  • The Ingress Nginx project is complex and requires extensive testing and maintenance
  • The project includes multiple container images, static configurations, annotations, and configuration options
  • The roadmap includes a data plan control plane split and the addition of new features such as Open Telemetry
  • Users are encouraged to test new releases and provide feedback to ensure stability
  • The CH root environment was added to address a CVE vulnerability and will be removed once the CPDP split is complete
Authors: Brian Glas
2021-09-24

tldr - powered by Generative AI

The presentation discusses the process of creating the OWASP Top 10 2021 and the core principles that guided the selection of the top 10 risk categories.
  • The OWASP Top 10 is a baseline for software security and not a ceiling.
  • Data is important but has limitations as it reflects the past and not necessarily the present.
  • Stability is crucial in the selection of the top 10 risk categories to provide foundational stability for others to build on.
  • The goal is to raise the minimum bar and improve security across the industry and community.
  • Driving the right behavior is important to improve software security across the industry.
  • Root cause analysis is important in identifying and addressing software security issues.
  • The OWASP Top 10 2021 was created through a process of data collection, survey, data analysis, categorization, drafts, reviews, and the released product.