[SAMM] OpenSAMM Case Study
chandra at owasp.org
Sun Jul 10 14:27:15 EDT 2011
Yeah, same idea there, but we separated our notes into silos for those 4
example org types and them built the roadmaps from the applicable
companies. The case-study was ISV only.
On 7/2/11 4:48 PM, Christian Heinrich wrote:
> On Sat, Jul 2, 2011 at 10:04 AM, Pravir Chandra<chandra at owasp.org> wrote:
>> When we wrote it, we were basically drawing from our individual experiences from a few different organizations where we had led the build-out of software security programs. Then, we "reverse engineered" the case study from that by putting our experience from those programs in terms of the model's levels, activities, etc.
> Would the above would be applicable to four examples after p27 within
> "Building Assurance Programs"?
More information about the SAMM