Introducing SAMM Practitioners

By The SAMM Project Team | December 5, 2022

Why SAMM Practitioners?

We want to adopt OWASP SAMM 2.0 at my workplace. Can you recommend a company to help us do this?

SAMM team members get asked this a lot through the different channels of communication like our Slack channel and the contact form on the website.

Obviously, we know many companies, organizations, and individuals who can do this. We are a community-driven project and a number of volunteers have contributed to SAMM so it wasn’t an easy answer for us to provide. We needed to do this in a way that is useful to the community, that points to quality services, and is not biased.

As a team, we’ve given this quite some thought. We reviewed our options and, over the last few months, drafted an approach to this new service that is now available on the website.

So, what are SAMM practitioners?

SAMM practitioners are organizations that we know or who have come forward to provide SAMM-related services such as assessment, roadmap, training, or tooling. As from now, we have listed these organizations in the Practitioners page of our website.

How do SAMM Practitioners get on the list?

We’ve contacted, vetted, and got the permission to list the organizations. And, while the OWASP SAMM project is selective about the practitioners list, it does NOT imply we endorse, recommend, or favor any of them.

Any one who’s offering a service relevant to OWASP SAMM can contact us. The requirements are described in the Practitioners page but they can be summarized in these two items. Applicants must:

  • provide a link to a page describing the SAMM-related services
  • have a backlink to our website on their website page

We do reserve the right to reject or remove any of the practitioners.

We’ve realized there’s a growing number of organizations adopting SAMM. Some of those organizations need to call on external practitioners, which makes the list on the website even more useful. We know this is a helpful service for our community and we hope we’ve made good on our promise to continue to give back to you.

Check out the SAMM Practitioner page now!

You can also hear more about SAMM Practitioners on the latest monthly Community call video available on our YouTube Channel .

Be a part of the SAMM community!

  • Join our Slack channel , where you’ll meet other users, ask questions, give feedback, and be in the loop of all things SAMM.
  • Join our monthly community calls, where we discuss different topics, exchange experiences and ideas, and review SAMM’s security practices in depth.