Join Codific at OWASP Global AppSec EU 2025
May 26–30, 2025 | Barcelona, Spain
Location: Centre de Convencions Internacional de Barcelona (CCIB)
Official Event Page →
Sessions Not to Miss
Dr. Aram Hovsepyan
Codific
CEO
Aram is the founder and CEO of Codific and a core contributor to OWASP SAMM, with over 15 years of AppSec experience helping organizations embed security into their SDLC. He holds a PhD in cybersecurity from KU Leuven, where his work on LINDDUN influenced both ISO and NIST standards.
May 28, Wednesday 9:00am
Host of: SAMM User Day
Join us on May 28th at the OWASP SAMM User Day in Barcelona to connect with the community, explore real-world case studies, and discover how to make security maturity practical, measurable, and collaborative.
Speaker Session:
May 29, Thursday 11:00am, Room 115
Your Security Dashboard Is Lying to You: The Science of Metrics
If your dashboards are full but your risk is unchanged, this talk is your reality check, come learn the science behind meaningful security metrics that actually improve security instead of just looking good in reports.
Dr. Dag Flachet
Codific
Co-founder
Dag is a Co-Founder at Codific, holds a PhD in business administration, and is an active member of the OWASP Barcelona Chapter and SAMM Project, where he specializes in mapping SAMM to the Cyber Resilience Act.
SAMM User Day:
May 28, Wednesday 11:00ам
CRA, Are We Ready? A Structured Analysis of Industry Readiness
The Cyber Resilience Act is coming fast with fines of up to 15 million euros, and this talk shows how OWASP SAMM can help you get ahead of the curve, cut compliance costs, and avoid nasty surprises by mapping exactly what your AppSec program needs to be CRA-ready.
Speaker Session: May 29, Thursday 3:30pm, Room 115
Kaizen for your appsec program: Turning big problems into small steps
Most companies start using OWASP SAMM for assessments, but this talk shows how Kaizen and real-world lessons from 27 AppSec leaders can transform it into a powerful engine for continuous improvement, tackling common pitfalls and making security a shared, meaningful effort across your organization.
A Look Back: OWASP Highlights from 2024
At Codific, we don’t just attend—we actively shape the OWASP community. Last year, we participated in both Global AppSec Lisbon and Global AppSec San Francisco, where our team and clients shared valuable insights:
Dr Aram Hovsepyan
Talk: Automating Security Test Cases Based on ASVS (Lisbon & San Francisco)
Dimitar Raichev (Codific, Secure Software Engineer)
Talk: Bridging Security & Privacy Standards: Harnessing OpenCRE for Effective Mapping (San Francisco)
Dr. Jasyn Voshell (Zebra Technologies, Codific client)
Talk: Maturing SDLC at a Fortune 500 Company Based on OWASP SAMM (San Francisco)
Manage your AppSec with SAMMY
SAMMY is a unified platform that helps you translate frameworks into clear, measurable actions. Assess where you stand, create SMART improvement plans, and demonstrate progress with actionable dashboards — all in one unified platform.
50 Free Premium Accounts for OWASP Community
1 year premium SAMMY for free
Meet the Codific Team at the Conference
Stop by, say hi, and grab a free 1-year premium SAMMY account, available to the first 50 OWASP community members.
Look for the team in SAMMY T-shirts and secure your free account while they last!
Building a Stronger Community
Meetings & Community Calls
Both OWASP SAMM and SAMMY thrive on the power of community. Being part of this ecosystem means staying at the cutting edge of secure software development, sharing insights, and helping shape the future of application security.
Join the conversation, connect with like-minded professionals, and stay up to date on the latest developments:
-
OWASP SAMM Meetings – View upcoming sessions
-
OWASP SAMM Community Calls – Learn what’s new
-
SAMMY Community Calls – See what’s coming next
Become a Recommended Vendor in SAMMY
Since the beginning of 2025, Codific has been actively partnering with select vendors for each security stream within SAMMY. This initiative connects our users with trusted tools and services right at the critical moment when gaps in security processes are identified.
If you offer innovative security solutions and want to showcase your product or service to organizations actively maturing their secure software practices, apply now to join our Recommended Vendor Program.
SAMMY Implementation Partners Program
SAMMY is built entirely in-house by AppSec specialists, but security consultancy requires more capacity than we can handle alone. To bridge this gap, we’ve partnered with top industry consultants—many of whom have contributed to OWASP standards and guidelines—to provide deep expertise and drive SAMMY adoption. These are called our Implementation Partners.
Academic Application Security Program
Since 2025, Codific has been supporting the next generation of cybersecurity professionals through our Academic Application Security Program. This initiative offers students free access to SAMMY, providing hands-on experience with real-world application security tools.