Overview
This 32-minute OWASP Foundation presentation explores how the OWASP OpenCRE project addresses the challenges of mapping between cybersecurity standards and compliance frameworks. Discover the comparison between traditional manual mapping methods and the automated OpenCRE approach, including their respective benefits and limitations. Learn about key mapping concepts such as purpose, target audience, and relationship types that help organizations align different security guidelines. The talk examines a real-world comparison between SAMM/SSDF mappings generated by OpenCRE versus direct manual mappings approved by NIST, highlighting current limitations. Explore proposed solutions for improving mapping quality through collaboration with standards bodies like NIST and ISO, and see practical examples of how these mappings can streamline compliance efforts across multiple frameworks. While technological solutions like OpenCRE offer significant advantages, understand why expert involvement remains essential for creating high-quality mappings that can reduce the burden on security professionals and make security processes more robust.
Syllabus
Bridging Security & Privacy Standards: Harnessing OpenCRE for Effective Mapping - Dimitar Raichev
Taught by
OWASP Foundation