Bootstrap and Improve Your SDLC with OWASP SAMM

One-Day Interactive Training - OWASP New Zealand Day 2020


Incorporating a mix of lectures and workshops, this training delivers an in-depth view and practical implementation of the OWASP Software Assurance Maturity Model (SAMM). SAMM provides an effective and measurable way for organizations to analyze and improve their software security posture.

Course Details

Dates: Thursday, 20 February 2020

Time: 8:45 a.m. to 5:30 p.m.

Course Fee: NZ $625.00 (plus EventBrite fees)

Registration Site:

Instructors: John DiLeo and John Ellingsworth

Course Outline

Course Description

Building security into the software development and management practices of a company can be a daunting task. There are many elements to the equation: company structure, different stakeholders, technology stacks, tools and processes, and so forth. Implementing software assurance can have a significant impact on the organization. Yet trying to achieve this without a good framework will most likely lead to only marginal and unsustainable improvements. OWASP SAMM gives you a structural and measurable framework to do just that. It enables you to formulate and implement a strategy for software security that is tailored to the risk profile of your organization.

The goal of this one-day training, which is conceived as a mix of presentations and interactive workshops, is for the participants to get a more in-depth view of and practical feel for the OWASP SAMM model. The training is set up in three parts:

In case you haven’t started a secure software initiative in your organization yet, this training should provide you with the necessary foundations and ideas to do so. Be prepared for a highly effective and applicable treatment of this large domain!

And, in case you are concerned about confidentiality issues, we adhere to the Chatham House Rule.

Your Instructors

Dr. John DiLeo - John is the Auckland-area leader of the OWASP New Zealand Chapter, and is employed as the Application Security Architect at Orion Health, a global company specialising in health information software. In his current role, he is responsible for managing the enterprise’s software assurance programme, with emphasis on governance, secure development practices, and security training. Before specialising in application security, John was active as a Java enterprise architect and Web application developer (mostly Java EE and LAMP). In an earlier life, John had specialised in developing discrete-event simulations of large distributed systems, in a variety of languages - including the Java-based language (FreeSML) he developed as part of his doctoral research. John is on the core team for the OWASP Software Assurance Maturity Model (SAMM) Project, and is Co-Leader of the OWASP Application Security Curriculum Project.

John Ellingsworth - John is a security principal at a Fortune 1000 company where he helps software development teams build and deliver secure enterprise solutions. When not delivering secure software solutions, he can be found hanging out with his family, often outdoors, and probably scaling mountains. John is on the core team for the OWASP Software Assurance Maturity Model (SAMM) Project.