Security Innovation Aids Efforts to Improve Security Benchmarking in OpenSAMM


Security Innovation collaborates with several leading application security firms by contributing benchmarking data and guidance to create the first-ever public application security benchmarking data system


A consortium of leading application security firms recently announced new changes to the Open Software Assurance Maturity Model (OpenSAMM), an Open Web Application Security Project (OWASP) effort. These changes aim to significantly increase the security of application software. This marks the first publicly available anonymized software security benchmarking data, complete with improved data collection architecture and enhancements to the assessment framework. Security Innovation is proud to be one of the participating organizations.

Recent OpenSAMM changes allow a broad range of organizations to compare their application security practices with others. These improvements, combined with the transparency of OWASP projects, provide an open and collaborative environment for organizations to share valuable application security benchmarking data.

As part of the security consortium, Security Innovation helped refine the benchmarking data collection and retention methodology. In addition, Security Innovation gathered valuable information by reaching out to its trusted and highly credible customer base and asking customers to share their anonymized data with the OpenSAMM benchmarking repository.

“OpenSAMM is comprehensive in its approach and will likely become the industry standard for application security maturity analysis and benchmarking,” said Zak Dehlawi, Senior Security Engineer at Security Innovation. “We were excited to bring our extensive SDLC analysis experience to the group and align our findings with this refreshed and open industry standard.”

“As more security companies adopt OpenSAMM as their application security maturity framework, I foresee enterprises rapidly consuming the information and applying it to optimize their own secure SDLC,” said Danny Harris, Senior Security Consultant at Security Innovation. “It’s been a great experience working closely with a team of accomplished security professionals on the OpenSAMM security benchmarking effort, and we look forward to additional collaboration in the future.”

About Security Innovation
A software security pioneer since 2002, Security Innovation is dedicated to protecting sensitive data in the world’s most challenging environments – whether on embedded systems, desktops, web applications, mobile devices, or in the cloud. Recognizing that software applications no longer exist in isolation, our clients are better prepared to anticipate, navigate and reduce software security risk regardless of technology or system complexity. There are more than a million licenses of Security Innovation’s eLearning products in use today and our embedded security products ship on tens of millions of systems each year. The company is privately held and is headquartered in Wilmington, MA USA. Visit the company at or follow on Twitter @SecInnovation.


Contact Author

Maureen Robinson