ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

OWASP SAMM

OWASP SAMM software security maturity 5 functions.

Definition

SAMM v2.1 structure: Governance (Strategy & Metrics, Policy & Compliance, Education & Guidance), Design (Threat Assessment, Security Requirements, Security Architecture), Implementation (Secure Build, Secure Deployment, Defect Management), Verification (Architecture Assessment, Requirements-driven Testing, Security Testing), Operations (Incident Management, Environment Management, Operational Management). Assessment tools available.

Origin

OWASP Foundation, SAMM v1.0 2009 (Pravir Chandra), v1.5 2017, v2.0 2020, v2.1 March 2023.

Usage

Adopted by large enterprises for multi-year AppSec maturity roadmap. Competes with BSIMM (Synopsys / Black Duck).

Related terms

  • BSIMM — concurrent maturité.
  • NIST SSDF — framework apparenté.
  • OWASP — organisation parent.

Last updated: May 18, 2026