SAMM 1.0 Released!

samm-coverThe Beta release has been out for quite a while now (since August 2008) and lots of organizations and individuals have provided excellent feedback to help improve the model. I’ve heard lots of stories from people using SAMM (some are consulting firms, and some are development organizations) and that feedback has been some of the most valuable. This release marks the official 1.0 version of SAMM and there’s a few new pieces added:

  • Executive summary and introduction to the model
  • Improved details on applying the model to solve problems
  • Assessment worksheets for evaluating existing programs
  • Roadmaps for financial services and government organizations
  • Improvements and refinements to the model (I’ll cover changes individually in separate posts)

Many thanks to the individual reviewers and the organizations that have volunteered time to help improve SAMM. I look forward to more active participants as we push forward with some of the future development plans for SAMM.


  1. #1 by Tom Brennan - March 25th, 2009 at 05:48

    Great Job Pravir !!!

  2. #2 by chandra - March 25th, 2009 at 05:58

    Thanks, Tom. It’s been a huge amount of work, but I’m very happy with how the 1.0 turned out!

  3. #3 by Dan Moniz - March 25th, 2009 at 06:23

    Hey Pravir!

    Great timing: I was just going to email you about this today when I got a LinkedIn notice from the OWASP group seconds ago. Glad to see this out in the open! I’ll be tearing into it today and look forward to using it, and to future work on it.

  4. #4 by Claudio Cossio - March 25th, 2009 at 07:03

    To everybody involved in the framework, thank you very much.

    Appreciate all your hard work.


  5. #5 by chandra - March 25th, 2009 at 07:06

    Thanks, Dan! I’ll be posting the list of ideas for future development of SAMM within the next day or so… There’s lots of cool things yet to be done!

(will not be published)

  1. No trackbacks yet.