Codific
  • Customers
    • Zebra Technologies
    • Sigma Software Group
    • Sign In Solutions
    • Approach Cyber
    • All Customer Stories
  • Solutions
    • AppSec Management with SAMMY
    • GRC Management with SAMMY
    • Ed-Tech and HR-Tech
      • Secure Video Sharing with Videolab
      • Student Attendance Tracking with Attendance Radar
      • Survey Analysis Automation with SARA
  • Services
    • OWASP SAMM Assessments
    • OWASP SAMM Training
    • OWASP SAMM Guidance
  • Company
    • Our Story
    • Who We Are
    • Codific @ OWASP
    • Codific @ OWASP Global AppSec Washington D.C. 2025
    • Careers
  • Partners
    • Implementation Partners Program
      • Partner Success Story
    • Recommended Vendors Program
      • Our Recommended Vendors
    • Academic Application Security Program
  • Insights
    • Blog
    • The AppSec Management Podcast
    • Application Security Science
    • Press Coverage
  • Contact
  • Go to SAMMY

Author Archives: Nicolas Montauban

Home Nicolas Montauban
NIS 2 Blog featured image

27

Nov

NIS 2 Directive: Compliance Guide, Fines & Scope

  • Nicolas Montauban
  • Application Security Management, Compliance, Cybersecurity, Information Security

The warning shots are over. The NIS 2 Directive is live, and enforcement has begun. […]

Read Article
OWASP ASVS Blog Illustration for Featured Image

25

Nov

OWASP ASVS: A Comprehensive Overview

  • Nicolas Montauban
  • Application Security, Application Security Management, OWASP, OWASP ASVS

As software systems grow more complex, proving that they are secure has become as important[…]

Read Article
Road illustration of a cybersecurity gap analysis journey

31

Oct

What is a Cybersecurity Gap Analysis? The Role of Mappings

  • Nicolas Montauban
  • Application Security, Cybersecurity, Security Maturity

Most organizations conduct security assessments, yet few turn them into meaningful improvement. Traditional cybersecurity gap[…]

Read Article
SOOS Automated Security Testing Blog Featured Image

24

Oct

Automated Application Security Testing with OWASP SAMM and SOOS

  • Nicolas Montauban
  • OWASP SAMM, Recommended Vendors, Security Testing, SOOS

Automated Application Security Testing (AAST) refers to the use of software tools to identify vulnerabilities[…]

Read Article
Defect Tracking diagram

28

Aug

How to Implement Security Defect Tracking with OWASP SAMM and DefectDojo

  • Nicolas Montauban
  • Defect Tracking, DefectDojo, OWASP, OWASP SAMM, Recommended Vendors, Vulnerability Management

Finding vulnerabilities is not the hard part anymore. Every build and every pipeline produces a[…]

Read Article
OWASP DSOMM's Dimensions

30

Jul

OWASP DSOMM: A Comprehensive Introduction

  • Nicolas Montauban
  • Application Security, Application Security Management, Cybersecurity, Information Security, OWASP, OWASP DSOMM, Secure Software Development

Your DevSecOps pipeline is fast, automated, and built to scale. But is security truly integrated,[…]

Read Article
Cybersecurity trends and statistics

10

Jul

Cybersecurity Statistics and Trends 2025

  • Nicolas Montauban
  • Cybersecurity, Statistics, Trends

This article contains a variety of different cybersecurity statistics and trends of 2025 and recent[…]

Read Article
Conceptual illustration of the SSDLC

11

Jun

What Is the SSDLC? A Guide to Secure Development

  • Nicolas Montauban

Most security issues in software stem from one simple problem: teams try to fix them[…]

Read Article
Business functions of SAMM graphic

04

Apr

OWASP SAMM: A Comprehensive Introduction

  • Nicolas Montauban
  • Application Security, Application Security Management, Cybersecurity, OWASP SAMM, Security Maturity

Modern software development moves fast, and so do the security challenges that come with it.[…]

Read Article
Steps to implement OWASP SAMM graphic

04

Apr

How to implement OWASP SAMM: Tooling, Example and Mistakes to Avoid

  • Nicolas Montauban
  • Application Security, OWASP SAMM, Secure Software Development, Software security, Team Management

Understanding OWASP SAMM is only the beginning. The real value comes from using it to[…]

Read Article
Image of a hacker

24

Feb

A Guide on How to Not Get Hacked

  • Nicolas Montauban
  • Cybersecurity, hacking, Information Security, Security

Have you every been hacked? It sucks right? But don’t worry now, let’s make sure[…]

Read Article
Contingency plan illustration

31

Jan

NIST 800-34 Contingency Planning: A Practical Guide to Resilience

  • Nicolas Montauban
  • Business Continuity, Contingency Plan, Cybersecurity, Disaster Recovery, Incident Response, nist 800-34

In today’s digital landscape, cybercrime is escalating at an alarming rate, with projected damages reaching[…]

Read Article
Next

Building a simple and safe digital future

This website runs on green hosting - verified by thegreenwebfoundation.org
  • Visit Codific's LinkedIn channel (opens in a new tab)
  • Visit Codific's YouTube channel (opens in a new tab)
  • Spotify

Main Focus

Application Security Application Security Management Compliance Cybersecurity NIST SSDF OWASP OWASP SAMM SAMM Secure Software Development Security Software security SSDLC

Recent Post

  • Nearly everything is in scope for the CRA except for SaaS

    December 01, 2025

    How to prepare for the CRA

    December 01, 2025

  • NIS 2 Blog featured image

    November 27, 2025

    NIS 2 Directive: Compliance Guide, Fines & Scope

    November 27, 2025

  • OWASP ASVS Blog Illustration for Featured Image

    November 25, 2025

    OWASP ASVS: A Comprehensive Overview

    November 25, 2025

In the Spotlight

  • SAMMY
  • The AppSec Management Podcast
  • Secure Video Sharing with Videolab
  • Attendance Radar
  • SARA
  • Terms & Conditions
  • Imprint
  • Cookie Policy
  • Privacy Statement

Codific ® 2025. All rights reserved.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}