GISPP: GISPP SESSIONS

OWASP Software Assurance Maturity Model (SAMM) Introduction

Useful Links

This Session is an introduction to OWASP Software Assurance Maturity Model (SAMM) .The Presenter tells you on what is SAMM and then takes you through the core Principles of SAMM , Software assurance lifecycle and its maturity levels . Presenter's Profile ================== Rehan is an information security professional with more than 15 years of progressive experience. Proven ability in helping organizations both in public and private sectors to comply with their cybersecurity requirements. In his career, Rehan acted as a trusted advisor to organizational leaders of cybersecurity programs, helped developed information security policies and advocated for change in cybersecurity policy to support organizational cyberspace. Managed and led multitude of cybersecurity projects which includes security policies and procedures development, risk management and compliance, security audits, enterprise network vulnerability assessments and penetration testing and application security. Areas of expertise include: -Enterprise network and architecture security -Application security -Security project management -Risk management -Audit and compliance (FISMA, NIST, ISO, PCI) -Industrial control systems security -Cloud security -Digital Forensics -Team building and leadership Rehan holds a bachelor degree in addition to numerous security and risk certifications including CISSP, CISA and CAP. Rehan enthusiastically pursues continuous professional development opportunities; he has completed Stanford University’s Cybersecurity and Executive Strategy program.

GISPP Introduction - GISPP Introduction by its Founder

Industrial Revolution 4 - Industrial revolution 4 (IR 4) and its impact on our lives

CISSP Certification - CISSP Certification Overview

CISSP Domain 1 - Part 1 - CISSP Domain 1 - Security and Risk Management (Part 1)

CISSP Domain 1 - Part 2 - CISSP Domain 1 - Security and Risk Management (Part 2)

CISSP Domain 2 - Part 1 - CISSP Domain 2 - Asset Security (Part 1)

CISSP Domain 2 - Part 2 - CISSP Domain 2 - Asset Security (Part 2) - By GISPP

CISSP Domain 3 - Part 1 - CISSP Domain 3-Security Architecture and Engineering- Part 1

CISSP Domain 3 - Part 2 - CISSP Domain 3-Security Architecture and Engineering- Part 2

CISSP Domain 4 - Part 1 - CISSP Domain 4 - Communications and Network Security (Part-1)

CISSP Domain 4 - Part 2 - CISSP Domain 4 - Communications and Network Security (Part-2)

CISSP Domain 5 - CISSP Domain 5 - Identity and Access Management - By GISPP Pakistan

CISSP Domain 6 - CISSP Domain 6 : Security Assessment and Testing

CISSP Domain 7 - Part 1 - CISSP Domain 7 : Security Operations ( Part 1)

CISSP Domain 7 - Part 2 - CISSP Domain 7 : Security Operations ( Part 2)

CISSP Domain 8 - CISSP Domain 8 : Software Development Security

Career Advice - Information Security Career Advice

Artificial Intelligence - AI enabled Counter Intelligence & Deception : The future of Cybersecurity

CISA Exam Overview - CISA Exam Overview - By Gispp Pakistan

CISA Domain 1 - Part 1 - CISA Domain 1 : Process of Auditing Information Systems (Part 1)

CISA Domain 1 - Part 2 - CISA Domain 1 : Information System Audit Planning (Part 2) -

CISA Domain 1 - Part 3 - CISA Domain 1 : Risk based Auditing (Part 3)

CISA Domain 1 - Part 4 - CISA Domain 1 : Internal Controls (Part 4) - By GISPP Pakistan

CISA Domain 1 - Part 5 - CISA Domain 1 : Audit , Sampling and Report (Part 5) - By GISPP Pakistan

CISA Domain 2 - Part 1 - CISA Domain 2 - Introduction to IT Governance

CISA Domain 2 - Part 2 - CISA Domain 2 - IT Governance and Management

CISA Domain 2 - Part 3 - CISA Domain 2 - It Governance and Management (Part 3)

CISA Domain 2 - Part 4 - CISA Domain 2 - IT Governance and Management (Part 4)

CISA Domain 2 - Part 5 - CISA Domain 2 - IT Governance and Management (Part 5)

CISA Domain 3 - Part 1 - CISA Domain 3 - Information Systems, Acquisition, Development and Implementation (Part 1)

CISA Domain 3 - Part 2 - CISA Domain 3 - Information Systems, Acquisition, Development and Implementation (Part21)

Penetration testing Career Path - Cyber Security : How to Progress as a Penetration Tester

Cisco Certifications 2020 - An Overview of 2020 Cisco Certifications

NGFW Policy fundamentals - NGFW policy fundamentals and threat tuning for Palo Alto Firewalls

DMARC Introduction - Securing your organizational reputation via DMARC

CRISC Exam overview - CRISC Exam review and Domain-1: It Risk Identification - By GISPP Pakistan

CRISC Domain 2 - CRISC Domain 2 : IT Risk Assessment

CRISC Domain 3 - CRISC Domain 3: Risk Response and Mitigation

CRISC Domain 4 - CRISC : Domain 4 - Risk and Control Monitoring and Reporting - By GISPP Pakistan

AWS Overview - Overview of Amazon Web Services (AWS)

Active Directory Advanced attacks - Detecting and Protecting Active Directory Environment againts Advanced attacks

APT Analysis - An eye opening Foray to APT( Advanced Persistent Threat) Land

Next Generation SOC - How to build a next generation Security Operations Center (SOC) from scratch

Penetration testing Lesson 1 - Penetration Testing a Linux Machine (Beginners Level)

Penetration testing Lesson 2 - Penetration Testing a Linux Machine (Intermediate Level)

Python Basics - How to Automate your technology using Python

CV Building tips - Best Practices to Make Impressive CV

An Introduction to Splunk Enterprise - Splunk Essentials

Splunk Essentials Lab - Splunk Installation and Basic Configuration

Linux for Dummies (Part 1) - Linux history and Linux flavors

Linux for Dummies (Part 2) - Installing Linux , Basic Commands using Terminal.

Linux for Dummies (Part 3) - Use Accounts & Monitoring Commands.

Linux for Dummies (Part 4) - Linux File System Partitions, File System Check Commands.

Linux for Dummies (Part 5) - Linux Desktop and It's Different Components.

Splunk Enterprise Logs Onboarding - Syslog-NG and Logs Collection using it.

Splunk Logs Onboarding with SyslogNG Demo - Logs Onboarding with SyslogNG Demonstration

Advanced Usage of Nmap - Nmap Usage - Advanced Usage,

What is Digital and Computer Forensics - Digital and Computer Forensics Overview

Digital and Computer Forensics Demo - Autopsy usage and demonstration

Cross Site Scripting (XSS) Vulnerability Comprehensive Review - Cross Site Scripting & Types.

Risk Management - Risk Management & Risk Assessment.

Infoblox DDI and DNS Security Solution Introduction - DDI and DNS Security

What is Digital Transformation - Digital Transformation Concepts

OWASP Software Assurance Maturity Model (SAMM) Introduction - SAMM Introduction.

Getting Started with Bug Bounty - Bug Bounty Hunting

How to Utilize Purple Teaming in DFIR Activities - DFIR

Breaking into Cybersecurity as a SOC Analyst - Information Security Graduates.

Shahzad subhani

GISPP (Global Information Security Society for Professionals of Pakistan) was initiated by a group of Pakistani Information Security professionals living and working in Saudi Arabia. Despite being a humble start, GISPP is now actively present on different social connectivity platforms including Telegram, Facebook, Instagram, Twitter, YouTube, LinkedIn and largely on Whatsapp. As of now , GISPP has members from 18 countries including Pakistan, Saudi Arabia, UAE, Qatar, Kuwait, Oman, USA, Canada, United Kingdom, Australia and New Zealand. If you are a Pakistani and working in Information security field anywhere in the world ,you are welcome to join GISPP by following the links mentioned on our website . In order to join our Whatsapp Groups ,you can message us your name ,city and LinkedIn Profile.