Introducing OpenCRE - Spyros Gasteratos
OWASP London
Open Common Requirement Enumeration (CRE) is a semantic web that links standards at the level of topics, within OWASP and beyond (NIST, PCI-DSS, ISO/IEC, MITRE, CIS, etc.). The CRE ties all standards and guidelines together and allows people to jump from source to source to learn more about a specific subject. For example, the CRE links an OWASP ASVS check to the corresponding Testing Guide section, along with the right Cheat Sheet, Proactive Control and Top 10 entry. This presentation introduces the CRE, discusses the extensive research that has been done on the landscape of AppSec standards, and describes how alignment is created through the unified CRE framework, positioning OWASP as a driver of community-based global consensus.
SPEAKER BIO:
Spyros Gasteratos (@0xfde)
Spyros has been helping developers ship secure code for 10 years. He has been an OWASP volunteer since 2012 and he is currently the Product Security lead in the fintech company Thought Machine. He contributes to several Open Source projects including the security automation framework Dracon, the Integration Standards Project and the Security Knowledge Framework. Also, he usually doesn’t speak about himself in the third person.
This talk was presented at the @OWASP London Chapter Meetup on May 10th, 2022 hosted and sponsored by @Justeat & @JET Events ... https://www.youtube.com/watch?v=wqIw2SmKNms