
SAMM

Software Assurance Maturity Model

Definition

SAMM is an open OWASP framework for measuring and improving an organization's software security posture. It organizes 15 security practices under five business functions: Governance, Design, Implementation, Verification, and Operations. Each function holds three practices, each practice is split into two activity streams, and each stream is assessed against three maturity levels, so an assessment yields a score per practice rather than a single pass/fail verdict for the organization.

Unlike BSIMM (descriptive), SAMM is prescriptive, providing specific activities and guidance for advancing from one maturity level to the next.

