Bart De Win is a director within PwC Belgium with 20 years of experience in the development and evaluation of software. He has an extensive background in the field, including a Ph.D. and research on methods and techniques for software security.
Since 2009, Bart has been responsible for the application security services within Ascure/PwC, and since 2016 for all technical security assessment services. He has a track record in software evaluations and in advising companies on secure software development (SDLC). Bart is SABSA, Prince2 and CSSLP certified and he is active in the international OWASP organisation, as a co-leader of the Belgian chapter and as a co-leader of the SAMM project. Within PwC Belgium, he is the reference regarding software in general.
Bart has executed and managed a large portfolio of software evaluations, including architecture reviews, threat modelling, code reviews, penetration tests, software quality reviews, open source scans and software development evaluations. He has also worked on IT architecture, IT due diligence, software innovation and software portfolio management. Finally, he has experience in specific security topics including Identity & Access Management (IAM) and Public Key Infrastructures (PKI). Bart has worked in various sectors, including financial and governmental, retail, utility, medical and social. He is active as a trainer and speaker at international seminars and conferences covering a variety of topics.
Session: DevOps Assurance With OWASP SAMMv2
OWASP SAMM is the prime open source maturity model for software assurance that provides an effective and measurable way for all types of organizations to analyse and improve their software security posture.
We will cover the DevOps implementation of SAMMv2 to make your software and CI/CD:
- Measurable: defined maturity levels across business practices
- Actionable: clear pathways for improving maturity levels
- Versatile: applicable to DevOps