Software security is about building secure software and is getting significantly more attention from the computer security community. Although many attempts have been made to improve software security over the years, traditional software security research has focused on a few tools and techniques (e.g, for static analysis). We believe that the scope of software security and assurance is much wider than those research areas. Our conference provides a chance for academic and industry professionals to discuss recent progress in the area of software security and assurance and explore other facets of software security and assurance, which have not been as thoroughly studied.