Hands-on Workshop: Utilize OWASP DSOMM App to Define and Deliver Your Own Program

When (day): Wed
At: 15:00 - 16:00



About this session

Discover how to elevate your DevOps security strategy with the OWASP DevSecOps Maturity Model (DSOMM). This comprehensive framework offers a structured approach to prioritizing and implementing security measures within DevOps practices.

In this workshop, Timo will introduce DSOMM and its practical application, demonstrating how to leverage DevOps strategies to enhance security. He’ll showcase the DSOMM application and its features, guiding you through the process of customizing and scaling your AppSec program. Specifically, he’ll show how you can customize the activities your team(s) should implement, with level, title, descriptions/requirements, and evidence, and deliver them to your teams together with the current implementation status. You’ll learn about the “inheritance” concept in DSOMM activities and its time-saving benefits, including automatic mapping to frameworks like SAMM and ISO 27001. Through an interactive exercise, you’ll create a small application security testing program based on DSOMM, gaining hands-on experience in prioritizing AppSec activities.

This talk offers tools and techniques for all skill levels, whether you’re new to AppSec/DevSecOps or looking to refine your existing strategies. Join us to learn how DSOMM can transform your approach to security and sharpen your skills in prioritizing AppSec/DevSecOps activities to enhance impact.

Requirements:

  • Docker
  • Linux is recommended.

Publication

https://dsomm.owasp.org