User day

SAMM: Tools of the Trade

speaker picture

John Ellingsworth



S&P 500 company
Security principal

Abstract

In this interactive discussion, we’ll review some of the tools currently available to assist in assessing your application security posture using the OWASP SAMM framework. Each of these tools has its own features and benefits that allow you to choose the right option for your journey, and participants will discover how they can leverage existing solutions to kick start their application security assurance program - ASAP! Some tools we’ll look at include the OWASP SAMM Toolkit, self-hosted applications, vendor tools, and Google Docs & Data Studio. You might even have one you created and/or use, and would like to share in this interactive overview of the various tools that have helped you make your program a success!

Speaker bio

John Ellingsworth is a security principal at an S&P 500 company where he helps software development teams build and deliver secure enterprise solutions. When not delivering secure software solutions, he can be found hanging out with his family, often outdoors, and probably scaling mountains. John is on the core team for the OWASP Software Assurance Maturity Model (SAMM) Project, and a co-author of OWASP SAMM 2.0. He is also a chapter leader for OWASP Maine.