This work would not be possible without the support of many individual reviewers and experts that offered contributions and critical feedback. They are (in alphabetical order):
Bart De Win
The Software Assurance Maturity Model (SAMM) was originally developed, designed, and written by Pravir Chandra (chandra-at-owasp-dot-org), an independent software security consultant. Creation of the first draft was made possible through funding from Fortify Software, Inc. This document is currently maintained and updated through the OpenSAMM Project led by Pravir Chandra. Since the initial release of SAMM, this project has become part of the Open Web Application Security Project (OWASP).