File:ISC2 SecureSDLC OWASP Achieving Compliance v1.0 2012-05-04.pptx

Secure software development compliance requirements are becoming increasingly common in enterprise software development contracts. Software assurance professional Mike Boberski discusses his recommendations for getting started on both technical and process-related secure software development compliance requirements, using the OWASP Top Ten and OpenSAMM as examples. Agile and iterative software development methodologies in particular are generally seen as being at odds with building security into enterprise applications during development. However, when the problem is looked at and worked from different angles, developers can in fact approach secure software development compliance requirements in a familiar manner in order to achieve and maintain compliance.