Building a Security Initiative - Experience and BSIMM Measurement from the Field

Our February meetup features an old friend to the OWASP chapter and an interesting presentation. As always, well be providing food and drinks.

Abstract: The Building Security In Maturity Model (or BSIMM)

BSIMM observes and measures what firms' software security initiatives are actually doing. John, who has helped several firms build or improve their security initiatives, will share sometimes surprising data about security initiatives big and small. His presentation will focus on what
activities organizations use to "boot" security initiatives and which they presently focus on.

BIO - John Steven, Internal CTO
John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction to many multi-national corporations, and his keen interest in automation keeps Cigital technology at the cutting edge. Follow John on Twitter
@m1splacedsoul.