RESOURCES | TAGS | Model

SAMM assessment tools

If you want to learn more about SAMM assessments, we have a couple of dedicated pages for that. First, there’s the assessment page. We also have an assessment guide, with lots of practical advice, best practices, and an example set of questions for an interview-style assessment. If you’re just looking for the links to our spreadsheets or online assessment, here they are.

Spreadsheets

We have 2 versions of the SAMM Toolbox, a Microsoft Excel Toolbox and a Google Spreadsheet Toolbox .

Read more

Training

SAMM Fundamentals Course

A fully free, self-paced course with over 5 hours of video content.

Visit the SAMM Fundamentals Course page on Thinkific.

We’d really appreciate feedback on this first version of the course. Please use our Slack channel , the Discussions on GitHub or our contact form.

Read more

SAMM Mappings

Direct Mappings

Mapping between Microsoft SDL and SAMM

The SAMM core team has created mappings between Microsoft SDL and OWASP SAMM. You can find the mapping in this spreadsheet .

You can also find more information about this mapping in the Microsoft SDL and OWASP SAMM Mapping: A Comprehensive Analysis blog post.

Mapping between BSIMM 14 and SAMM

The SAMM core team has created mappings between BSIMM 14 and OWASP SAMM standards. You can find the mapping in this spreadsheet .

Read more

SAMM PDF

PDF icon

This is a long awaited moment since the release of SAMM version 2. The community asked for it so we’ve created a PDF version of the model.

View the SAMM PDF here .

If you have any feedback on this, please use our Slack channel , the Discussions on GitHub or our contact form.

Read more

SAMM GitHub repositories

GitHub logo

One project, many repos

After the release of SAMM v2, we moved all of our GitHub content to the OWASP SAMM GitHub organization . Here, you can find all the repositories related to the SAMM project.



Some of the repos you can find there are:


Also, don’t miss the Discussions section, where you can pitch your ideas, ask questions, and provide feedback.

Read more

Categories

Tags