
Join us on this podcast as we convene with four leading application security specialists and focus on the assessment aspect of SAMM.

A SAMM assessment is the process of determining the current security maturity for a given scope (a team, a business unit or the entire organization). The Software Assurance Maturity Model (SAMM) provides a clear-cut questionnaire with 90 multiple-choice questions and a list of quality criteria that represent the definition of done for each question. However, an objective and correct assessment is not as straightforward as it might seem. There are many open issues: who should conduct the assessment, how to ensure objective scoring, and what the interviewers and the interviewees need to prepare in advance.

In this engaging discussion, experts Aram Hovsepyan, Brian Glas, Rob van der Veer and Maxim Baele discuss the process, practical implementation, best practices, tips and tricks for preparing and conducting SAMM assessments.

Don't miss out on a free OWASP SAMM training led by Aram Hovsepyan: https://codific.com/the-owasp-samm-tr...

In this podcast, we went over the following topics:

CHAPTERS:
0:00 - 7:20 Introductions
7:21 - 18:39 Assessments by self vs internal team vs third-party external team
18:40 - 33:56 Interview practicalities
33:57 - 46:51 How to make sure interview answers are truthful
46:52 - 52:09 What the interviewee should prepare in advance
52:10 - 54:19 Using SAMM for mergers and acquisitions
54:20 - 56:25 How AI and LLMs can help with SAMM assessments