This episode is based on content from the Codific website. Voices and narrative are AI generated. For full factual accuracy refer to the Codific website.
https://codific.com/application-security-insights-and-other-exciting-stories/
This content is based on an article written by Nicolas Montauban. Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/owasp-asvs-a-comprehensive-overview/
This podcast is based on the presentations and press releases of the OWASP and Codific team. For the latest insights check the Codific website.
This podcast is based on in-depth analysis by Dr. Aram Hovsepyan. Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/top-application-security-failures-in-fortune-500-companies/
This podcast is based on in-depth analysis by Dr. Aram Hovsepyan. Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/appsec-risk-with-cve-and-cvss/
Learn more about privacy threat modeling in this blog post: https://codific.com/privacy-threat-mo...
In this podcast we had a very nice conversation with two experts in the field of privacy threat modeling, Kim Wuyts and Aram Hovsepyan. Privacy threat modeling is a process of identifying and assessing potential threats to an individual's personal information. Kim and Aram are experts in this topic and they helped to develop LINDDUN, a world-renowned methodology for privacy threat modeling. They helped us understand the importance of privacy threat modeling, how it is carried out in organizations, which frameworks currently exist to facilitate it, and much more!
Join us on this podcast as we convene with four leading Application Security specialists and focus on the assessment aspect of SAMM.
SAMM Assessment is the process of figuring out the current security maturity for a given scope (which can be a team, a business unit or the entire organization). Software Assurance Maturity Model (SAMM) provides a clear-cut questionnaire with 90 multiple-choice questions and a list of quality criteria that represent the definition of done per question. However, an objective and correct assessment is not as straightforward as it might seem. There are many issues, such as who should conduct the assessment, how to ensure objective scoring, and what both the interviewers and interviewees need to prepare in advance.
In this engaging discussion, experts Aram Hovsepyan, Brian Glas, Rob van der Veer, and Maxim Baele discuss the process, practical implementation, best practices, tips and tricks when preparing and conducting SAMM assessments.
Don't miss out on a free OWASP SAMM training led by Aram Hovsepyan: https://codific.com/the-owasp-samm-tr...
In this podcast, we went over the following topics:
CHAPTERS:
0:00 - 7:20 Introductions
7:21 - 18:39 Assessments by self vs internal team vs third party external team
18:40 - 33:56 Interview practicalities
33:57 - 46:51 How to make sure interview answers are truthful
46:52 - 52:09 What shall the interviewee prepare in advance
52:10 - 54:19 Using SAMM for mergers and acquisitions
54:20 - 56:25 How can AI and LLMs help with SAMM assessments
In this episode, Jason Mordeno, Director of Compliance and Security at Sign In Solutions, shares how his team embedded application security directly into their SDLC using OWASP SAMM and SAMMY.
Discover how Sign In Solutions moved beyond ISO 27001 and SOC 2 checklists to create a behavior-driven, developer-friendly AppSec culture, resulting in improved security maturity, better risk posture, and even reduced cyber insurance premiums. Jason also reveals how SAMMY helps communicate security priorities across teams, making security a seamless part of everyday operations.
Learn how you can build a resilient and scalable AppSec program with SAMMY.
Related Success Story: codific.com/embedding-security-into-the-sdlc
This content is based on an article written by Nicolas Montauban.
Voices and narratives are AI generated. For full factual accuracy please refer to the underlying article:
https://codific.com/bsimm-building-security-in-maturity-model-a-complete-guide/
This episode is based on an article by Dr. Aram Hovsepyan and Alex Ashkov.
Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/how-to-integrate-zap-in-gitlab/
This narrative is based on content from the Codific and AttendanceRadar Websites. For full factual accuracy please refer to the websites:
Codific.com
Attendanceradar.com
This content is based on an article written by Nicolas Montauban. Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/how-to-implement-security-defect-tracking/
This content is based on an interview with Simon Montete. Voices and narrative are AI generated. For full factual accuracy please refer to the underlying article.
https://codific.com/prepare-for-cra/
This content is written by Nicolas Montauban. Voices are AI generated. For full factual accuracy refer to the underlying article:
https://codific.com/dsomm-vs-samm
This content is written by Nicolas Montauban. Voices and narrative are AI generated. For full factual accuracy refer to the article:
https://codific.com/owasp-dsomm-a-comprehensive-introduction
This content is written by Dr. Aram Hovsepyan.
https://codific.com/requirements-driven-testing-the-best-roi-security-practice
Voices and narrative are AI generated. For full factual accuracy refer to the underlying article.
The content for this podcast is written by Dr. Aram Hovsepyan.
https://codific.com/mastering-owasp-samm-security-requirements-explained
Narrative and voices are by AI. For full factual accuracy refer to the article linked.
The content of this episode is written by Dr. Aram Hovsepyan.
https://codific.com/how-to-implement-owasp-samm-tooling-example-and-mistakes-to-avoid
Voices and narrative are AI generated. Refer to the article for full factual accuracy.
This episode is based on two articles. Voices are AI generated. For full factual accuracy refer to the articles below:
https://codific.com/building-security-into-software/
https://codific.com/implementing-owasp-samm
This episode is based on an article written by Michaella Masters. Voices are AI generated. For full factual accuracy refer to the underlying article.
https://codific.com/how-to-implement-iso-27001