23 August, 2022
OWASP Software Assurance Maturity Model (SAMM) provides an effective and measurable way for all types of organizations to analyze and improve their software security posture. SAMM provides the roadmap to organizations on how to design, develop, and deploy secure software through our self-assessment model. It supports the complete software lifecycle and is technology and process agnostic.
SAMM has evolved quite a bit since the initial release of versions 1.0 and 1.5. Amongst the key changes worth noting are a number of new security practices, more alignment between maturity levels, coverage- and quality-based measurement, redesign of maturity levels in order of increasing difficulty, and implementation cost.
However, unlike SAMM version 1.5, there was still no comprehensive PDF model available for version 2.0. We are happy to share that team Codific has created a comprehensive and UI-optimized PDF of the OWASP SAMM 2.0.
You can now download it from here: SAMM version 2.0 PDF
While you are here, check out SAMMY, our free practical OWASP SAMM tool.
What does the Codific team build with SAMM?
Codific is a team of security software engineers that leverage privacy by design principles to build secure cloud solutions. We build applications in different verticals such as HR-tech, Ed-Tech and Med-Tech. Secure collaboration and secure sharing are at the core of our solutions.
Videolab is used by top universities, academies and hospitals to put the care in healthcare. Videolab enables communication skills, empathy and other soft skills training by allowing you to share and ask for feedback on patient interview recordings.
SARA is used by top HR-Consultants to deliver team assessments, psychometric tests, 360-degree feedback, cultural analysis and other analytical HR tools.
SAMMY is a Software Assurance Maturity Model management tool. It enables companies to formulate and implement a security assurance program tuned to the risks they are facing. That way other companies can help us build a simple and safe digital future. We have built our AppSec program and SAMMY itself on top of SAMM.
We believe in collaboration and open innovation. We would love to hear about your projects and see how we can contribute in developing secure software and privacy by design architecture. Contact us.