Praise

OWASP.org is a valuable resource for any company involved with online payment card transactions. Dell uses OWASP’s Software Assurance Maturity Model (OpenSAMM) to help focus our resources and determine which components of our secure application development program to prioritize. Participation in OWASP’s local chapter meetings and conferences around the globe helps us build stronger networks with our colleagues.

Michael J. Craigue, Information Security & Compliance, Dell, Inc.

SAMM has defined the building blocks for effective software security assurance… Our clients can use the model to see what needs to be done and what skills and resources are needed to do the job. Best of all, businesses can use SAMM to quantify results and improvements by assessing practices against SAMM activities.

Matt Bartoldus, Co-Founder & Director, Gotham Digital Science

These days people understand that security has to be built in – it can’t be bolted on. But for many a big question remains: what does it take to build secure software? SAMM tackles that question head on with a framework for creating and growing a software security initiative. SAMM has focused the way I think about the human side of the software security problem.

Brian Chess, Founder & Chief Scientist, Fortify Software

The perfect starting place, finally a methodology to help us bring it all together… Where do I get it!

Anonymous, national university

A great document that can be implemented over a period of time, to help address the risks we have with our software.

Anonymous, international financial institution