John DiLeo - Orion Health

Abstract

The OWASP SAMM Project Team recently released a Beta version of SAMM 2.0, which is currently open for comment. The model provides a framework for assessing the maturity of an organisation’s software assurance program, and identifying areas for future emphasis in improving the security of their development practices. This talk will provide an overview of the model, the benefits that can be realised by organisations utilising the model, and the process for assessing the maturity of the organisation’s software assurance program.

Speaker Biography

John is one of the co-leaders of the OWASP New Zealand Chapter. He moved to Auckland, from the United States, in 2017, and now works as Orion Health's Application Security Architect. John's focus is on developing and managing enterprise-wide Software Assurance Programmes, including the assessment of the organisation's maturity and building a roadmap to improve. This led him to join the core team of the OWASP SAMM project, where he helped to create the new model. Before moving into application security, John worked as a solution architect, a Web development lead, and in developing discrete-event simulations of distributed systems. Along the way, he's also worked as a college instructor, trainer, and general IT consultant.

This presentation is from OWASP New Zealand Day 2019, which was held on 22 Feb 2019 in Auckland, New Zealand.











