:: History ::
Security BSides DFW 2011 - November 5, 2011 (Philip J Beyer) - http://lanyrd.com/skymf
:: Summary ::
I will present the difficulties and successes involved with realigning the development lifecycle at TEA using OpenSAMM.
:: Abstract ::
In "Pitfall!", a player must maneuver Pitfall Harry through a maze-like jungle to stay alive. Along the way, he must negotiate numerous hazards, try to recover treasure, and do it all in a limited time. Implementing OWASP's OpenSAMM in a large organization is kinda like playing that classic game. It's a little dangerous, requires vision, planning, and precision, and promises rewards. Like many of its size and with its mandate, the Texas Education Agency already has an SDLC. Enter Pitfall Phil. In an effort to build a stronger program, Pitfall Phil shifted the focus of TEA's application security program to align with OpenSAMM. I will present the hazards he discovered and the treasure he found while playing the game.