Yan Kravchenko

CTO, Truonix, LLC

Yan Kravchenko, CISSP, CSSLP, CISA, CISM has over 20 years of experience in the IT / Information Security industry. Over the past 4 years Yan has been developing ways to leverage OWASP SAMM to help measure application metrics portfolios for maturiy and security weaknesses. A part of the process is the concept of risk correlation that allows alighing applications against multiple risk measures, creating more realistic and useful metrics data.

Summit Goals: * Work on pushing forward with SAMM 2.0 * Share tools / documents / visualizations in hopes of making OWASP SAMM 2.0 more enterprise friendly * Collaborate on fleshing out the new Implementation Business Function * Assist developing SAMM related questions for CertDev

OWASP Involvement

  • PCI Mapping
  • Enterprise Metrics Development
  • SAMM 2.0

Sponsored By:

Participant's team(s):

Yan Kravchenko Daily Schedule

Monday Tuesday Wednesday Thursday Friday
10:00 - 10:30
SAMM Core Daily Scrum (Mon)
Table 5
SAMM Core Daily Scrum (Tue)
Table 5
SAMM Core Daily Scrum (Wed)
Table 5
SAMM Core Daily Scrum (Thu)
Table 5
SAMM Core Daily Scrum (Fri)
Table 5
10:30 - 12:30
SAMMv2 working session - Governance
311 - OWASP SAMM villa
13:30 - 15:00
DevSecOps Maturity Model (DSOMM)
Maulden room
SAMMv2 working session - Verification
311 - OWASP SAMM villa
15:30 - 16:30
SAMM - Best Practices
Portland room
Time slot over-subscribed
SAMMv2 working session - Implementation
311 - OWASP SAMM villa
SAMMv2 Measurement Model
311 - OWASP SAMM villa
16:30 - 17:30
SAMM Round Table
Portland room
SAMMv2 Establish the Document Model
311 - OWASP SAMM villa
SAMM benchmarking
311 - OWASP SAMM villa
19:30 - 21:00
SAMM DevSecOps Version
311 - OWASP SAMM villa

Participating sessions details

Title Description type When Time Acting as

Register as organizer

To register as an organizer of an session or track:

  • add your name to the organizers metadata field (in this case Yan Kravchenko)

Back to list of all Participants