BSIMM

SAMM BSIMM Mapping

Building Security In Maturity Model (BSIMM) Mapped to OWASP SAMM The full mapping sheet between BSIMM 14 and OWASP SAMM. Introduction The Building Security In Maturity Model (BSIMM) and OWASP Software Assurance Maturity Model (SAMM) share a unique history. Both were conceived around 2008-2009, during the early days of structured application security maturity frameworks. Over time, however, these two models have evolved independently, with distinct conceptual differences. We have previously explored these differences in detail (reference).

Continue reading

Comparing BSIMM & SAMM

Building Security In Maturity Model (BSIMM) compared to Software Assurance Maturity Model (SAMM) A common origin BSIMM (Building Security In Maturity Model) and SAMM (Software Assurance Maturity Model) have similar origins dating back to a common origin back in 2008-2009. Iā€™m frequently asked about what is similar and what is different between the two models, so I wrote up this comparison to help organizations understand which of these two models may be a better fit for their needs.

Continue reading