VDA uses a framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. The assessment will:

  • Evaluate an organization’s existing software security practices
  • Build a balanced software security program in well-defined iterations
  • Demonstrate concrete improvements to a security assurance program
  • Define and measure security-related activities within an organization

SAMM was created with flexibility in mind such that it can be utilized by small, medium, and large organizations using any style of development. Additionally, this model can be applied organization-wide, for a single line-of-business, or even for an individual project.





The team at VDA Labs has been a delight to work with! The SSMA process was important for our team since it provided us with an unbiased, expert view of our existing maturity level for information security. More than simply providing a measurement, the team at VDA provided us with a fundamental understanding of the OWASP model and how to improve upon our maturity baseline in the best possible way forward. Armed with the SSMA data and the expert guidance of the VDA team, we were able to develop and execute a well-organized, measurable plan of maturing our AppSec processes.
Ron L Beckett, CSM

Senior Manager Software Development Dematic North America