SAMM

Microsoft SDL and OWASP SAMM Mapping: A Comprehensive Analysis

By Aram Hovsepyan in mapping

January 20, 2025

Microsoft SDL and OWASP SAMM Mapping: A Comprehensive Analysis Introduction The Microsoft Security Development Lifecycle (SDL) was introduced in 2004 as Microsoft’s response to the security challenges that plagued its Windows operating system. As the first formal secure SDLC framework, it laid the foundation for many secure software development practices. Today in its latest version, Microsoft SDL comprises 10 security practices, each containing a set of requirements designed to reduce security risks across the software development lifecycle.

Continue reading

SAMM BSIMM Mapping

By Aram Hovsepyan, Maxim Baele in mapping

December 10, 2024

Building Security In Maturity Model (BSIMM) Mapped to OWASP SAMM The full mapping sheet between BSIMM 14 and OWASP SAMM. Introduction The Building Security In Maturity Model (BSIMM) and OWASP Software Assurance Maturity Model (SAMM) share a common history. Both were conceived around 2008-2009 and are based on OpenSAMM, which was created by Pravir Chandra. Over time, however, these two models have evolved independently, with distinct conceptual differences. We have previously explored these differences in detail .

Continue reading

Search

Categories

Tags