
Author Archives: Aram Hovsepyan


10 Apr

Master Threat Modeling with Toreon’s World-Class Approach

  • Aram Hovsepyan
  • Application Security, Application Security Management, architecture mitigation, Cybersecurity, threat modeling

Threat modeling shaped my AppSec career. It helped me wrestle with one of security’s most […]


25 Feb

Master OWASP SAMM Application Risk Profiles with Heeler

  • Aram Hovsepyan
  • Application Security, SAMM, Secure Software Development
Introduction: Application Risk Profile with Heeler A clear understanding of risk is the foundation of[...]

12 Feb

Master OWASP SAMM Architecture Validation with IcePanel

  • Aram Hovsepyan
  • Application Security, SAMM, Secure Software Development
Introduction: Architecture Validation with IcePanel Architecture validation is the process of reviewing your architecture to[...]

12 Jan

What Is CyFun and How to Implement It?

  • Aram Hovsepyan
  • Compliance, Cybersecurity

Introduction In this blog, we will focus on helping you understand what is Cybersecurity Fundamentals[…]


26 Dec

How to get breached: 5 most common attack vectors

  • Aram Hovsepyan
  • Cybersecurity

Dear disgruntled employee (let’s call you Mallory): Tired of working long hours with no holidays,[…]


12 Dec

Information Security and Cybersecurity: Understanding the Layers

  • Aram Hovsepyan
  • Application Security, Cybersecurity, Information Security, Secure Software Development

The terms information security and cybersecurity are often used interchangeably, which frequently leads to confusion.[…]


07 Dec

NIST 800-53 and NIST 800-171: Key Differences

  • Aram Hovsepyan
  • Compliance, Cybersecurity, NIST SSDF, Privacy by Design, Security, Software security

The U.S. cybersecurity strategy seems to be lightyears ahead of the EU. I strongly believe[…]


28 Nov

Comparing NIST SSDF and OWASP SAMM: A Comprehensive Analysis

  • Aram Hovsepyan
  • Application Security, BSIMM, NIST SSDF, OWASP, SAMM

Over the past year, our SAMMY tool has grown significantly. It now supports not just[…]


22 Nov

What is FISMA and how to comply with it

  • Aram Hovsepyan
  • Application Security, Compliance, Cybersecurity

What is FISMA and why is it important? The Federal Information Security Modernization Act (FISMA)[…]


20 Nov

What is NIST CSF 2.0 and how to implement it

  • Aram Hovsepyan
  • Application Security, Cybersecurity, Secure Software Development

Managing cybersecurity risks requires a clear strategy combining people, processes, tools, and knowledge, all guided[…]


02 Nov

Common mistakes when implementing OWASP SAMM

  • Aram Hovsepyan
  • Application Security, OWASP, SAMM, Secure Software Development, SSDLC

OWASP Software Assurance Maturity Model (SAMM) is one of the only comprehensive frameworks available for[…]


20 Oct

Supplier Security Explained: Best Practices to Manage Supplier Risk

  • Aram Hovsepyan
  • Application Security, OWASP, SAMM, Secure Software Development, SSDLC

What is supplier risk management about? Outsourcing software development has become a cornerstone for many[…]


Codific ® 2025. All rights reserved.