5. MS SDL for Agile
MS Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost.
9. MS SDL: is it THAT Agile?
• Needs to be fully implemented
• All functions are necessary
• Doesn’t deal with business restrictions
10. OWASP SAMM
The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization.
23. SAMM 2.0
SAMM 2.0 is planned to be presented at the OWASP 2018 Summer Summit.
OWASP SAMM repository:
https://github.com/OWASP/samm/tree/master/v2.0
24. SAMM. Get involved
Special thanks to Yan Kravchenko, one of the SAMM developers.
If you want to contribute to the project, or you just have some interesting opinions, contact OWASP members.