We have created a PDF version of the SAMM model.


From our blog

Be an OWASP SAMM contributor and tell us about your experience using our maturity model in guest articles. Get in touch with us to share your SAMM story.

Tackling App Security with SAMM-NIST SSDF Mapping

By The SAMM Project Team on February 6, 2023

The Application Security Challenge The increasing dependence on software in our daily lives has made the challenge of ensuring its security more pressing. Despite being a critical concern, cybersecurity is often not a priority for organizations until there is an incident or breach. This has resulted in the cost of cyber insurance doubling in the past two years and the total cost of cybercrime in 2022 reaching $7 trillion .

Continue reading

Introducing SAMM Practitioners

By The SAMM Project Team on December 5, 2022

Why SAMM Practitioners? We want to adopt OWASP SAMM 2.0 at my workplace. Can you recommend a company to help us do this? SAMM team members get asked this a lot through the different channels of communication like our Slack channel and the contact form on the website. Obviously, we know many companies, organizations, and individuals who can do this. We are a community-driven project and a number of volunteers have contributed to SAMM so it wasn’t an easy answer for us to provide.

Continue reading

Addressing Log4J vulnerabilities with SAMM

By The SAMM Project Team on February 7, 2022

It’s that dreaded notification. The one that holds the threat, and later the reality, of many sleepless nights. The newest vulnerability is here and its severity is considered critical. This Log4J vulnerability (CVE-2021-44228) has caused quite the stir, and rightfully so. It’s kept security peeps on our toes for the last few months so it was interesting to see this topic come up during our last SAMM monthly community call.

Continue reading

OWASP SAMM Train the Trainer

By The SAMM Project Team on November 30, 2021

Expanding awareness of OWASP SAMM To introduce new users to the OWASP Software Assurance Maturity Model (SAMM), the SAMM project team has presented their one-day overview training class several times each year. These classes often run in conjunction with OWASP’s global and regional conference events. The instructors for that training class - currently titled “Secure Your SDLC using OWASP SAMM - ASAP!” - have usually been the project’s leaders, Sebastien (Seba) Deleersnyder and Bart de Win, or other SAMM team members.

Continue reading

Get SAMM news delivered to you

Our Sponsors

Software powers the world, but insecure software threatens safety, trust, and economic growth.
Your support powers SAMM and helps us achieve our mission.

checkmarx codific concord indelible microfocus minded security ncc group pwc security innovation splunk toreon

Find out about sponsorship