This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP SAMM Project"

From OWASP
Jump to: navigation, search
Line 181: Line 181:
 
Assessments:
 
Assessments:
 
* SAMM v1.5 Toolbox
 
* SAMM v1.5 Toolbox
** Download the new v1.5 Toolbox with the updated scoring model [https://www.owasp.org/images/9/98/SAMM_Assessment_Toolbox_v1.5_FINAL.xlsx SAMM v1.5 Toolbox]
+
** Download the new v1.5 Toolbox with the updated scoring model [https://github.com/OWASP/samm/blob/master/v1.5/Final/SAMM_Assessment_Toolbox_v1.5_FINAL.xlsx SAMM v1.5 Toolbox]
* SAMM v1.1 RC1 toolbox
+
* SAMM v1.1 Toolbox
** download the latest toolbox, including the updated questions [https://github.com/OWASP/opensamm/blob/master/v1.1/OpenSAMM_Assessment_Toolbox_v1-1-RC.xlsx here]
+
** download the v1.1 toolbox, including the updated questions [https://github.com/OWASP/samm/blob/master/v1.1/Final/SAMM_Assessment_Toolbox_v1-1-Final.xlsx here]
 
* Assessment Interview Template by Nick Coblentz for SAMM V1.0
 
* Assessment Interview Template by Nick Coblentz for SAMM V1.0
 
** This [https://www.owasp.org/images/c/cf/20090607-SAMMAssessmentInterviewTemplate-1.0.xls spreadsheet] breaks down the assessment questionnaire from the SAMM framework into assertion statements that can be used to drive assessment interviews.
 
** This [https://www.owasp.org/images/c/cf/20090607-SAMMAssessmentInterviewTemplate-1.0.xls spreadsheet] breaks down the assessment questionnaire from the SAMM framework into assertion statements that can be used to drive assessment interviews.

Revision as of 01:22, 5 July 2017

Flagship big.jpg

OWASP SAMM v1.5 available in the downloads section! (Announcement Coming)


2017 OWASP SAMM Summit (12-16 JUNE 2017, London)

  • Join our 2017 OWASP SAMM Summit near London as part of the OWASP DevOps Security Summit.
  • We organize working sessions in a 5-day sprint to draft SAMM v2.0. Check out the working session details online
  • Register online here
  • Sponsor the SAMM Summit as Platinum or Gold sponsor


The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. SAMM helps you:

  • Evaluate an organization’s existing software security practices
  • Build a balanced software security assurance program in well-defined iterations
  • Demonstrate concrete improvements to a security assurance program
  • Define and measure security-related activities throughout an organization


Dell uses OWASP’s Software Assurance Maturity Model (Owasp SAMM) to help focus our resources and determine which components of our secure application development program to prioritize., (Michael J. Craigue, Information Security & Compliance, Dell, Inc.)

Follow OWASP SAMM on twitter: @owaspsamm


Share this:  E-mail this story Bookmark with Facebook Share on Digg.com Share on delicious Share on reddit.com Share on stumbleupon.com Share on LinkedIn.com Share on twitter.com Seed on Newsvine

Quick Download v1.5

All SAMM v1.5 files (.zip)
SAMM Core Model
How-To Guide
Quick Start Guide
SAMM Toolbox
SAMM Toolbox Example
OWASP SAMM on GitHub

Quick Download v1.1.1

SAMM Core Model
How-To Guide
Quick-Start Guide
Updated SAMM Tool Box
OWASP SAMM on GitHub

News and Events

Please see the News and Talks tabs

Change Log

Email List

Questions? Please ask on the SAMM Mailing List

Project Leaders

Seba Deleersnyder
Bart De Win
Brian Glas

Related Projects


Classifications

Owasp-flagship-trans-85.png Owasp-defenders-small.png
Owasp-builders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg


OWASP Books logo.png This project has produced a book that can be downloaded or purchased.
Feel free to browse the full catalog of available OWASP books.

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_SAMM_Project&oldid=231225"