RESOURCES | TAGS | model

SAMM assessment tools

Links to info and tools If you want to learn more about SAMM assessments, we have a couple of dedicated pages for that. First, there’s the assessment page. We also have an assessment guide, with lots of practical advice, best practices, and an example set of questions for an interview-style assessment. If you’re just looking for the links to our spreadsheets or online assessment, here they are. Spreadsheets We have 2 versions of the SAMM Toolbox, a Microsoft Excel Toolbox and a Google Spreadsheet Toolbox .

Read more

Training

A fully free, self-paced course with over 5 hours of video content. Visit the SAMM Fundamentals Course page on Thinkific. We’d really appreciate feedback on this first version of the course. Please use our Slack channel , the Discussions on GitHub or our contact form.

Read more

SAMM Mappings

OpenCRE The SAMM model pages on the website have links to OpenCRE in every stream. By linking SAMM to OpenCRE , we’ve made it easier for our users to find relevant and useful resources with every stream, as well as to see how SAMM aligns with other security standards such as NIST SSDF, ISO27K, PCI-DSS, OWASP ASVS, and NIST 800-53. Learn more in the OWASP SAMM now connects to OpenCRE blog post.

Read more

SAMM PDF

This is a long awaited moment since the release of SAMM version 2. The community asked for it so we’ve created a PDF version of the model. View the SAMM PDF here . If you have any feedback on this, please use our Slack channel , the Discussions on GitHub or our contact form.

Read more

SAMM GitHub repositories

One project, many repos After the release of SAMM v2, we moved all of our GitHub content to the OWASP SAMM GitHub organization . Here, you can find all the repositories related to the SAMM project. Some of the repos you can find there are: Core Model Website SAMMwise (assessment tool) Also, don’t miss the Discussions section, where you can pitch your ideas, ask questions, and provide feedback.

Read more