Software Assurance Maturity Model

Open SAMM v2 has been released

The newest version of the SAMM is live! This is an incredible free resource that you can use to assess and enhance the maturity of your application/product/software security process within your organization.

The SAMM is brought to you by a project team that is part of the Open Web Application Security Project (OWASP), a global nonprofit dedicated to improving the security of software. (Interested in learning with or contributing to this community? Find your local chapter here.)

I consider the SAMM an MVP among the OWASP projects, along with the security Cheat Sheet Series. With the SAMM, you can quickly identify gaps in how you are securing your software, both from the perspective of preventing/finding/remediating security problems and from the perspective of efficiency & governance of the process.

Curious about the SAMM? Begin with the Quick Start Guide or the about page.