OWASP SAMM Workshop

Preparing for the EU Cyber Resilience Act with OWASP SAMM
This full-day, interactive workshop provides a detailed understanding of the EU Cyber Resilience Act (CRA) and its implications for organizations producing products with digital and software components. We will deep dive into how OWASP SAMM (Software Assurance Maturity Model) can help your organization get ready for it. We will explore the CRA’s key requirements - including its timeline, affected product categories, impact on Open Source Software, financial penalties, and expected application security activities. You’ll gain a clear understanding of how SAMM maps to CRA obligations and how it can serve as a practical foundation for compliance and continuous improvement.

Through interactive exercises and group discussions, participants will learn how to perform SAMM assessments, address organizational and cultural challenges, and prioritize improvements based on company context. We’ll dive deep into SAMM’s activities, discuss success criteria's, and connect it with related frameworks such as DSOMM and AI Maturity. By the end of the day, you’ll walk away with a clear set of next steps to elevate your application security maturity and prepare effectively for the EU CRA.

Requirements:
Participants can bring their laptops in order to follow along with SAMM assessment, but it's not a requirement. Mostly the session will be interactive

Agenda (Subject to Change):
TBD