What is SAMM?

A security model designed to help organisations improve software security
practices with measurable results.

The Software Assurance Maturity Model (SAMM) was developed by the Open Web Application Security Project (OWASP), https://www.opensamm.org/ to help organisations formulate and implement a strategy for software security that is tailored to the specific risks and current maturity state of the organisation. The model helps to analyse the current software security practices, build a security program in defined iterations, show progressive improvements in secure practices,
define and measure security-related activities within an organisation.
SAMM was defined with flexibility in mind such that it can be utilised by small, medium, and large organisations using any style of development.

Most organisations have processes in place that assist in creating, releasing, and maintaining functional software. These days however, that is not enough. Growing worries and business dangers associated with insecure software have brought increased awareness to the need to integrate security into the development process. Many organisations are now recognising that software development needs to be more secure because you cannot rely on perimeter controls alone to protect you.

In general, security visibility should be in a Shift Left mode – which means attention should be applied closer to the source. This will put you in the best position to avoid software faults before they evolve into a breach. To reverse these trends, security should be integrated (and ultimately automated) across all aspects of development and operational management

To find out more about SAMM download our datasheet.

For more information or to discuss how we can help your organisation implement SAMM please contact us on 1300 922 923 or fill out our contact us form below.

Contact Us