SAMM - Kick Off

Discuss the agenda and goals for this week. Welcome the people who are going to participate.


Starting point for a common understanding of the goals and mindset for the SAMM project for the Summit:

  • High-level understanding of security implications from perimeter architecture
  • Enable development teams to self-check designs for security best-practices
  • Lightweight process for conducting project-level design reviews


  • Cover previous summit results / SAMMv1.5
  • Introduction of (new) participants
  • Align agenda/goals for this week


Synopsis and Takeaways

Captured expectations of participants:

  • Better understanding
  • Include agile/devops
  • Contribute
  • Tools
  • Benchmarking

  • Make the model more “agile”?
  • Focus on developers
  • Measure efficiency
  • SAMM Profiles


The target audience for this Working Session is:

  • Security champions
  • Security architects
  • DevOps Roles
  • CISOs

Working materials

Here are the current ‘work in progress’ materials for this session:

  • How-To Guide
  • Quick Start Guide
  • SAMM Core Model
  • All SAMM v1.5 files (.zip)


The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. SAMM helps you:

  • Evaluate an organization’s existing software security practices
  • Build a balanced software security assurance program in well-defined iterations
  • Demonstrate concrete improvements to a security assurance program
  • Define and measure security-related activities throughout an organization

