To Build More Secure Software, Explore the OWASP Software Assurance Maturity Model (SAMM) V2 on The Virtual CISO Podcast

The Virtual CISO Podcast by Pivot Point Security

“If you need to build software security activities into your SDLC, you’ll find a wealth of useful guidance in this fast-paced, business-centric conversation.”
— John Verry, CISO & Managing Partner
HAMILTON, NJ, USA, August 17, 2022 /EINPresswire.com/ -- The application security space is at an inflection point. While longstanding methods like penetration testing remain important, regulatory pressure and market demands are increasing the focus on compliance standards and maturity models for secure software development. Development teams looking to “shift security left”—that is, earlier in the software development lifecycle (SDLC)—have a choice of supporting tools and frameworks. The OWASP Software Assurance Maturity Model (SAMM) is growing in popularity in this fast-changing space, owing to its comprehensiveness, flexibility, and applicability across diverse orgs. How are experts leveraging SAMM to enhance software security and validate compliance?

If you’re concerned with software security, you know that demands to prove apps are secure are increasing. Dynamic application security testing, code review and other methods to uncover flaws are useful to assess the security of a running application. But what about techniques and processes to build security into applications? How can orgs implement best-practice security testing and eliminate vulnerabilities earlier in the SDLC? And how are teams achieving compliance with standards like the NIST 800-218 Secure Software Development Framework (SSDF) for US government supply chains?

To explain how dev/test teams are leveraging the OWASP Software Assurance Maturity Model (SAMM) as a foundation for improving software security and compliance, Taylor Smith, Network & Application Penetration Testing Lead at Pivot Point Security, joined the latest episode of The Virtual CISO Podcast. The show’s host is John Verry, Pivot Point Security CISO and Managing Partner.

Topics discussed include:
• Comparing and contrasting SAMM, the OWASP Application Security Verification Standard (ASVS) and the Building Security In Maturity Model (BSIMM)
• What the five SAMM business functions and associated practices are all about
• SAMM’s flexibility to support any software development lifecycle (SDLC)
• How SAMM supports continuous improvement from wherever you are today
• Cross-referencing SAMM and the NIST 800-218 Secure Software Development Framework

If you need to build software security activities into your SDLC, you’ll find a wealth of useful guidance in this fast-paced, business-centric conversation with Taylor Smith and John Verry.

To hear this episode anytime, along with any of the previous episodes in The Virtual CISO Podcast series, visit this page.

About Pivot Point Security
Since 2001, Pivot Point Security has been helping organizations understand and effectively manage their information security risk. We work as a logical extension of your team to simplify the complexities of security and compliance. We’re where to turn—when InfoSec gets challenging.

Richard Rebetti
Pivot Point Security
+1 732-456-5618
