Merge pull request #312 from devsecopsmaturitymodel/feat/dsomm-day

Feat/dsomm day

README.md

@@ -24,6 +24,11 @@ You can switch on to show open TODO's for evidence by changing IS_SHOW_EVIDENCE_
 
 This page uses the Browser's localStorage to store the state of the circular headmap.
 
+# Changes
+Changes to the application are displayed at the release page of [DevSecOps-MaturityModel](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/releases).
+
+Changes to the maturity model content are displayed at the release page of [DevSecOps-MaturityModel-data](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/releases).
+
 # Community
 Join #dsomm in [OWASP Slack](https://owasp.slack.com/join/shared_invite/zt-g398htpy-AZ40HOM1WUOZguJKbblqkw#/).
 Create issues or even better Pull Requests in [github](https://github.com/wurstbrot/DevSecOps-MaturityModel/).

src/app/app-routing.module.ts

@@ -1,6 +1,7 @@
 import { Component, NgModule } from '@angular/core';
 import { RouterModule, Routes } from '@angular/router';
 import { AboutUsComponent } from './component/about-us/about-us.component';
+import { UserdayComponent } from './component/userday/userday.component';
 import { CircularHeatmapComponent } from './component/circular-heatmap/circular-heatmap.component';
 import { MappingComponent } from './component/mapping/mapping.component';
 import { MatrixComponent } from './component/matrix/matrix.component';
@@ -16,6 +17,7 @@ const routes: Routes = [
   { path: 'usage', component: UsageComponent },
   { path: 'teams', component: Teams },
   { path: 'about', component: AboutUsComponent },
+  { path: 'userday', component: UserdayComponent },
 ];
 
 @NgModule({

src/app/app.component.css

@@ -1,22 +1,22 @@
 
-  .main-container {
-    width: 100%;
-    height: 100%;
-    /*border: 10px solid yellow;*/
-  }
-  
-  .sidenav-content {
-    display: flex;
-    padding: 10px;
-    align-items: left;
-    justify-content: left;
-    /*background-color: red;*/
-  }
-  
-  .example-sidenav {
-    padding: 20px;
-  }
-  
-  .github-fork-ribbon:before { 
-    background-color: #333; 
-  }
+.main-container {
+  width: 100%;
+  height: 100%;
+  /*border: 10px solid yellow;*/
+}
+
+.sidenav-content {
+  display: flex;
+  padding: 10px;
+  align-items: left;
+  justify-content: left;
+  /*background-color: red;*/
+}
+
+.example-sidenav {
+  padding: 20px;
+}
+
+.github-fork-ribbon:before {
+  background-color: #333;
+}

src/app/app.module.ts

@@ -17,6 +17,7 @@ import { CircularHeatmapComponent } from './component/circular-heatmap/circular-
 import { MappingComponent } from './component/mapping/mapping.component';
 import { ReadmeToHtmlComponent } from './component/readme-to-html/readme-to-html.component';
 import { UsageComponent } from './component/usage/usage.component';
+import { UserdayComponent } from './component/userday/userday.component';
 import { AboutUsComponent } from './component/about-us/about-us.component';
 import { DependencyGraphComponent } from './component/dependency-graph/dependency-graph.component';
 import { Teams } from './component/teams/teams.component';
@@ -38,6 +39,7 @@ import { ToStringValuePipe } from './pipe/to-string-value.pipe';
     DependencyGraphComponent,
     Teams,
     ToStringValuePipe,
+    UserdayComponent,
   ],
   imports: [
     BrowserModule,

src/app/component/sidenav-buttons/sidenav-buttons.component.ts

@@ -13,6 +13,7 @@ export class SidenavButtonsComponent {
     'Usage',
     'Teams',
     'About Us',
+    'DSOMM User Day 2024',
   ];
   Icons: string[] = [
     'table_chart',
@@ -21,6 +22,7 @@ export class SidenavButtonsComponent {
     'description',
     'people',
     'info',
+    'school',
   ];
   Routing: string[] = [
     '/',
@@ -29,6 +31,7 @@ export class SidenavButtonsComponent {
     '/usage',
     '/teams',
     '/about',
+    '/userday',
   ];
   constructor() {}
 }

src/app/component/userday/userday.component.css

@@ -0,0 +1,8 @@
+table :is(td, th) {
+    border: 1px solid black;
+    padding: 0.3em;
+}
+
+tr:nth-child(even) {
+    background-color: #66bb6a;
+}

src/app/component/userday/userday.component.html

@@ -0,0 +1,3 @@
+<app-top-header section="User Day"></app-top-header>
+<app-readme-to-html
+  MDFile="./assets/Markdown Files/userday.md"></app-readme-to-html>

src/app/component/userday/userday.component.spec.ts

@@ -0,0 +1,24 @@
+import { ComponentFixture, TestBed } from '@angular/core/testing';
+
+import { UserdayComponent } from './userday.component';
+
+describe('UserdayComponent', () => {
+  let component: UserdayComponent;
+  let fixture: ComponentFixture<UserdayComponent>;
+
+  beforeEach(async () => {
+    await TestBed.configureTestingModule({
+      declarations: [UserdayComponent],
+    }).compileComponents();
+  });
+
+  beforeEach(() => {
+    fixture = TestBed.createComponent(UserdayComponent);
+    component = fixture.componentInstance;
+    fixture.detectChanges();
+  });
+
+  it('should create', () => {
+    expect(component).toBeTruthy();
+  });
+});

src/app/component/userday/userday.component.ts

@@ -0,0 +1,10 @@
+import { Component } from '@angular/core';
+
+@Component({
+  selector: 'app-userday',
+  templateUrl: './userday.component.html',
+  styleUrls: ['./userday.component.css'],
+})
+export class UserdayComponent {
+  constructor() {}
+}

src/assets/Markdown Files/userday.md

@@ -0,0 +1,45 @@
+## Description
+
+The OWASP DSOMM team is happy to announce its upcoming User Day on Wednesday, September 25th 2024. It is part of the OWASP AppSec San Francisco.
+
+## Location
+Hyatt Regency San Francisco
+Address: 5 Embarcadero Center San Francisco, CA 94111 United States 
+Room: To be announced.
+
+## Agenda (DRAFT)
+Please expect changes in the timeline.
+
+| Time  | Title                                                                    | Speaker             |
+|-------|--------------------------------------------------------------------------|---------------------|
+| 9:00  | Welcome                                                                  | Timo Pagel          |
+| 9:05  | Key Steps to Achieving an Application Security Program                   | Timo Pagel          |
+| 10:00 | Reach your Dynamic Depth with OWASP secureCodeBox                        | Jannik Hollenbach   |
+| 12:00 | Lunch Break                                                              | /                   |
+| 13:30 | Workshop: Utilizing DSOMM app to define your own program                 | Timo Pagel          |
+| 14:00 | Workshop: Application and Vulnerability maturity Model (VMM) - DSOMM Map | Francesco Cipollone |
+| 16:00 | Wrap Up                                                                  | Timo Pagel          |
+
+### Talk Descriptions
+#### Key Steps to Achieving an Application Security Program
+This talk outlines a practical approach to building and optimizing application security (AppSec) programs for organizations of all sizes. 
+While briefly touching on foundational elements, the presentation focuses on developing and implementing a custom organizational maturity model that resonates with development and operations teams. Moving beyond traditional frameworks, attendees will learn to design tailored models that account for diverse operating environments. The talk provides strategies for avoiding common pitfalls, implementing effective metrics, and creating a scalable AppSec approach adaptable to an organization’s evolving needs. Through actionable advice and real-world examples, participants will gain insights applicable to both new and existing AppSec programs.
+
+#### Workshop secureCodeBox?
+
+#### Workshop: Utilizing DSOMM app to define your own program
+Get to know the DSOMM application and how to customize it to distribute your AppSec Program as a maturity model.
+
+Requirements:
+- Docker
+
+Linux is recommended.
+
+#### Workshop: Application and Vulnerability maturity Model (VMM) - DSOMM Map
+Organizations face an ever-increasing risk of cyberattacks and data breaches. Vulnerabilities are getting discovered faster than ever, with a 34% YoY increase of vulnerability discovery. Vulnerabilities are often tackled as they come from security scanners, leading to burnout of security professionals, with 50% of security engineers considering changing their profession entirely. This workshop explores the vulnerability management process that applies to application, cloud, and infrastructure security.
+
+To mitigate these risks, vulnerability management and triage have become essential components of an effective cybersecurity program. Vulnerability triage, in particular, plays a critical role in identifying, prioritizing, and remediating vulnerabilities to minimize the organization's attack surface across applications, cloud and infrastructure. However, the process of vulnerability triage is not a one-size-fits-all approach and requires a maturity model that reflects the organization's current state of readiness. In this workshop, you will explore the evolution of vulnerability management and triage process maturity and how organizations can enhance their capabilities to manage and mitigate cybersecurity risks effectively.
+
+Why we created the vulnerability management process?
+We created the vulnerability maturity model to provide a quick and easy assessment method to define where you are in the vulnerability assessment process from triage.
+The VMM is mapped back to both SAMM, and DSOMM.

src/styles.css

@@ -2,3 +2,4 @@
 
 html, body { height: 100%; }
 body { margin: 0; font-family: Roboto, "Helvetica Neue", sans-serif; }
+