Overview:
Target senior-level executives in your organization with a brief presentation on SAMM. Identify
and explain each objective and outcome you are addressing.
Instructions:
• Create a presentation to senior leadership to educate them about SAMM and how this
model will ensure that software is secure.
• Discuss how you would begin to address application security issues in a software
application or web application if you are using the SAMM model.
• Look at the Open Web Application Security Project (OWASP) SAMM web site and
discuss which tools you would use with applications to implement SAMM.
• Provide an overview of SAMM and discuss the OWASP OpenSAMM effort: the
presentation should introduce and describe very briefly (for an executive briefing):
o The four (4) major software security efforts SAMM can provide resources to aid
in.
o The three (3) principles SAMM was built on.
o The five (4) business functions and twelve security practices (three (3) per
business function == 12 total) in the OWASP SAMM 2.0.
• Please define the following terms (provide a definition for each, i.e., answer the question
“What is ___?”) in your presentation:
o SDLC, SDL, AppSec, code review.
o Software Development project management methodologies
o Waterfall, Agile
o Maturity model, Maturity Level, SAMM, OpenSAMM
o SAMM assessment and scorecard
• 6-8 PowerPoint slides of content, plus one Title slide and one References slide.
• Put any extensive text description/justification/explanation, as well as any internal notes to the
speaker, in the ‘Notes’ section of each presentation slide.
• 2 or more APA references and APA in-text citations.