Codific
  • Customers
    • Zebra Technologies
    • Sigma Software Group
    • Sign In Solutions
    • Approach Cyber
    • All Customer Stories
  • Solutions
    • AppSec Management with SAMMY
    • GRC Management with SAMMY
    • Ed-Tech and HR-Tech
      • Secure Video Sharing with Videolab
      • Student Attendance Tracking with Attendance Radar
      • Survey Analysis Automation with SARA
  • Services
    • OWASP SAMM Assessments
    • OWASP SAMM Training
    • OWASP SAMM Guidance
  • Company
    • Our Story
    • Who We Are
    • Codific @ OWASP
    • Codific @ OWASP Global AppSec Washington D.C. 2025
    • Careers
  • Partners
    • Implementation Partners Program
      • Partner Success Story
    • Recommended Vendors Program
      • Our Recommended Vendors
    • Academic Application Security Program
  • Insights
    • Blog
    • The AppSec Management Podcast
    • Application Security Science
    • Press Coverage
  • Contact
  • Go to SAMMY

Security

Home Security Page 4
SAMM Benchmark average data across all business functions.

05

Oct

OWASP SAMM Benchmark Data Analysis

  • Aram Hovsepyan
  • Application Security, OWASP, SAMM

The OWASP Software Assurance Maturity Model (SAMM) is rapidly becoming the go-to framework for application […]

Read Article
cyber resilience act regulation

05

Sep

What is the Cyber Resilience Act (CRA) and how to comply with it

  • Dag Flachet
  • Privacy by Design, Security

It this article we explore the essentials of the EU Cyber Resilience Act (CRA), and[…]

Read Article
how to do SAMM assessments

10

May

How to do SAMM assessments: Everything you need to know

  • Michaella Masters
  • Application Security, OWASP, Privacy by Design, SAMM, Security

Want to get started with SAMM?  We have just the thing! Take the free OWASP[…]

Read Article
Communicating security

12

Apr

Reporting with OWASP SAMM

  • Dag Flachet
  • OWASP, SAMM, Security

How to use OWASP SAMM for effective communication on security? Reporting with OWASP SAMM is[…]

Read Article
Zebra Technologies in the NFL

20

Mar

OWASP SDLC guidance: A story of OWASP SAMM implementation

  • Aram Hovsepyan

Application security is a paramount concern for organizations that develop software. However systematically managing AppSec[…]

Read Article
Security requirements driven testing

28

Feb

Security Requirements Driven Development: the best ROI for your SDLC

  • Aram Hovsepyan
  • Application Security, SAMM, SDLC, Secure Software Development, Software security, SSDLC

Application security requires a systematic approach and requires dealing with software security throughout every stage[…]

Read Article
CyberSec ISO-27003

17

Nov

ISO-27001 2013 vs ISO-27001 2022: What’s changed?

  • Leo Dahlgren
  • ISO 27001, Security

  Official resources ISO 27001:2022 ISO 27001:2013 OWASP SAMM CRA NIST SSDF

Read Article
NIST CSF vs OWASP SAMM

26

Sep

A comparison of NIST CSF 2.0 and OWASP SAMM

  • Aram Hovsepyan
  • NIST SSDF, OWASP, Security

NIST has finalized the Cybersecurity Framework (CSF) 2.0. CSF 2.0 focuses on understanding, assessing, prioritising,[…]

Read Article
SOC 2

12

May

Is SOC 2 Worth it?

  • Leo Dahlgren
  • ISO, Security

Is SOC 2 Worth It? In this blogpost we will be discussing SOC 2, what[…]

Read Article
ISO Logo

01

May

Is ISO 27001 Worth It?

  • Leo Dahlgren
  • ISO, Security

Is ISO 27001 worth it? In this blogpost we will be discussing ISO 27001. What[…]

Read Article

26

Apr

OWASP SAMM: Policy and Compliance

  • Nicolas Montauban
  • OWASP, Security

OWASP is the Open Worldwide Application Security Project. It is a non-profit foundation that works[…]

Read Article

26

Apr

Types of Software Backups

  • Michaella Masters
  • Application Security, Security

Software Backups Reasons to back up your software seem pretty obvious, however as it can[…]

Read Article
Previous Next

Building a simple and safe digital future

This website runs on green hosting - verified by thegreenwebfoundation.org
  • Visit Codific's LinkedIn channel (opens in a new tab)
  • Visit Codific's YouTube channel (opens in a new tab)
  • Spotify

Main Focus

Application Security Application Security Management Compliance Cybersecurity NIST SSDF OWASP OWASP SAMM SAMM Secure Software Development Security Software security SSDLC

Recent Post

  • Nearly everything is in scope for the CRA except for SaaS

    December 01, 2025

    How to prepare for the CRA

    December 01, 2025

  • NIS 2 Blog featured image

    November 27, 2025

    NIS 2 Directive: Compliance Guide, Fines & Scope

    November 27, 2025

  • OWASP ASVS Blog Illustration for Featured Image

    November 25, 2025

    OWASP ASVS: A Comprehensive Overview

    November 25, 2025

In the Spotlight

  • SAMMY
  • The AppSec Management Podcast
  • Secure Video Sharing with Videolab
  • Attendance Radar
  • SARA
  • Terms & Conditions
  • Imprint
  • Cookie Policy
  • Privacy Statement

Codific ® 2025. All rights reserved.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}