CTO, Truonix, LLC
Yan Kravchenko, CISSP, CSSLP, CISA, CISM has over 20 years of experience in the IT / Information Security industry. Over the past 4 years Yan has been developing ways to leverage OWASP SAMM to help measure application metrics portfolios for maturiy and security weaknesses. A part of the process is the concept of risk correlation that allows alighing applications against multiple risk measures, creating more realistic and useful metrics data.
Summit Goals:
- Work on pushing forward with SAMM 2.0
- Share tools / documents / visualizations in hopes of making OWASP SAMM 2.0 more enterprise friendly
- Collaborate on fleshing out the new Implementation Business Function
- Assist developing SAMM related questions for CertDev
OWASP Involvement
- PCI Mapping
- Enterprise Metrics Development
- SAMM 2.0
Yan Kravchenko Daily Schedule
| Monday | Tuesday | Wednesday | Thursday | Friday |
|---|
| SAMM Core Daily Scrum (Mon) Table 5 |
| SAMM Core Daily Scrum (Tue) Table 5 |
| SAMM Core Daily Scrum (Wed) Table 5 |
| SAMM Core Daily Scrum (Thu) Table 5 |
| SAMM Core Daily Scrum (Fri) Table 5 |
|
| | SAMMv2 working session - Governance 311 - OWASP SAMM villa |
| | | |
| | DevSecOps Maturity Model (DSOMM) Maulden room |
| SAMMv2 working session - Verification 311 - OWASP SAMM villa |
| | |
| SAMM - Best Practices Portland room |
| Time slot over-subscribed | SAMMv2 working session - Implementation 311 - OWASP SAMM villa |
| SAMMv2 Measurement Model 311 - OWASP SAMM villa |
| | |
| SAMM Round Table Portland room |
| | SAMMv2 Establish the Document Model 311 - OWASP SAMM villa |
| SAMM benchmarking 311 - OWASP SAMM villa |
| |
| SAMM DevSecOps Version 311 - OWASP SAMM villa |
| | | | |
Participating sessions details
| Title | Description | type | When | Time | Acting as |
|---|
Register as organizer
To register as an organizer of an session or track:
- add your name to the
organizers metadata field (in this case Yan Kravchenko)
