SAMM 2.0 Calculator

Get a Picture of Application Security Risk in Your Organization

We developed this SAMM 2.0 calculator to simplify the scoring process – instead of downloading a spreadsheet from – we offer an easy-to-use online form that handles the calculation for you and provides a scoring benchmark against other organizations.

Estimated Time: 30 Minutes

SAMM 2.0 Framework

Concord is a sponsor of the OWASP Software Assurance and Maturity Model (SAMM), which provides an effective and measurable way for all types of organizations to analyze and improve their software security posture.


Governance involves an organization’s overall software development activities


Design includes the defined goals and software creation within development projects


Implementation is how an organization builds and deploys software in production


Verification focuses on the test artifacts produced throughout software development


Operations entails monitoring and managing an organization’s production environment

Concord Security Practice

At Concord, our goal is to help organizations improve the effectiveness of their AppSec efforts by creating a transparent and simple view into the comprehensive state of their application security programs. Our Application Security Advisory Solutions will help secure your software through a combination of industry benchmarking and disciplined program development, security activities and controls.

Take the Next Step

Organizations with more than 20 applications are advised to contact us to learn how Concord can help achieve ROI by focusing on proactive security practices and embracing DevOps.

Not sure about your next step? We'd love to hear about your business challenges. No pitch. No strings attached.

©2024 Concord. All Rights Reserved