Blogs

SAMM V2 community release

SAMM v2 community launch!

After three years of preparation, our SAMM project team has delivered release 2 of SAMM!

First, we’re releasing SAMM v2 to the OWASP community and then plan our public release for mid-January 2020. We value your feedback and questions. To contribute, do one of the following, in decreasing order of preference:

• add issues to our SAMM Github repository
• Complete the Google form per issue
• Start a discussion on our #project-samm Slack channel on OWASP. Confirm that a member of the SAMM team picks up your discussion to make sure we consider your feedback.
• Send us an email: info@owaspsamm.org

SAMM’s mission is to raise awareness and educate organizations on how to design, develop, and implement secure software through our self-assessment model. The new SAMM release v2 consists of:

Continue reading

Open Security Summit 2019

SAMM track, an overview and commentary of the event

The Open Security Summit 2019 focused on the collaboration between Developers and Application Security and was organised with the support of OWASP. The 5-day sprint on SAMMv2 enabled attendees to work and collaborate intensively towards specific Application Security challenges with a focus on actionable outcomes. In addition to specific Maturity Models sessions, a large number of OWASP SAMM Working Sessions took place at the Summit.

Continue reading

Version 2 Beta

The original model (v1.0) was written by Pravir Chandra and dates back from 2009. Over the last 10 years, it has proven a widely distributed and effective model for improving secure software practices in different types of organisations throughout the world. Translations and supporting tools have been contributed by the community to facilitate adoption and alignment. With version 2.0, we further improve the model to deal with some of its current limitations.

Continue reading