Archive for category Releases
OpenSAMM 1.0 in Japanese
Posted by Pravir Chandra in Discussion, Releases on April 7th, 2010
Masaki Kubo at JPCERT undertook the great effort to translate the SAMM 1.0 document into Japanese. It’s available here. I’d like to thank him and JPCERT very much for the effort and the motivation to drive this to completion. Fantastic work!
It’s been a little while since I’ve posted anything to the site, but don’t mistake that for lack of activity! There’s actually a backlog of contributed resources that I’ve been meaning to post here but haven’t had the time to get it done yet. They’re all available via the mailing list with a little digging, but in the next week or two, we’ll try to get them all up here.
SAMM 1.0 Released!
Posted by Pravir Chandra in Releases on March 25th, 2009
The Beta release has been out for quite a while now (since August 2008) and lots of organizations and individuals have provided excellent feedback to help improve the model. I’ve heard lots of stories from people using SAMM (some are consulting firms, and some are development organizations) and that feedback has been some of the most valuable. This release marks the official 1.0 version of SAMM and there’s a few new pieces added:
- Executive summary and introduction to the model
- Improved details on applying the model to solve problems
- Assessment worksheets for evaluating existing programs
- Roadmaps for financial services and government organizations
- Improvements and refinements to the model (I’ll cover changes individually in separate posts)
Many thanks to the individual reviewers and the organizations that have volunteered time to help improve SAMM. I look forward to more active participants as we push forward with some of the future development plans for SAMM.
SAMM Beta Release
Posted by Pravir Chandra in Releases on August 21st, 2008
Thanks to sponsorship and feedback from Fortify, we’ve finished an initial release of the Software Assurance Maturity Model (SAMM) that is now available on the downloads page. Everyone is encouraged to review and provide feedback either directly to me or through discussion on the OWASP-CMM mailing list. The working goal is to have a solid 1.0 release in a few months after public review and feedback from organizations using the model and vendors in the software security space.
