Home
Browse frameworks
Contact us
SAMMY premium
Login
SAMMY UI is optimized for resolutions with a width 1024px and higher.
DSOMM
Browse DSOMM
SAMM
DRP (Deprecated)
OpenSAMM1.5 (testing only)
ISO 27001 (Deprecated)
Cybersecurity Fundamentals
NIST CSF 2.0
NIST SSDF
NIST 800-34
DSOMM
BSIMM 14
Build and Deployment
Build
Deployment
Patch Management
Culture and Organization
Design
Education and Guidance
Process
Implementation
Application Hardening
Development and Source Code Control
Infrastructure Hardening
Information Gathering
Logging
Monitoring
Test and Verification
Application Tests
Consolidation
Dynamic Depth For Applications
Dynamic Depth For Infrastructure
Static Depth for Applications
Static Depth for Infrastructure
Test Intensity
MFA for admins
Simple access control for systems
Usage of edge encryption at transit
Applications are running in virtualized environments
Backup
Baseline Hardening of the environment
Isolated networks for virtual environments
MFA
Usage of an security account
Usage of encryption at rest
Usage of test and production environments
Virtual environments are limited
Filter outgoing traffic
Immutable infrastructure
Infrastructure as Code
Limitation of system events
Role based authentication and authorization
Usage of internal encryption at transit
Usage of security by default for components
WAF baseline
Hardening of the Environment
Production near environments are used by developers
Usage of a chaos monkey
WAF medium
Microservice-architecture
WAF advanced
MFA for admins
I-IH-1-1: MFA for admins
Two or more factor authentication for all privileged accounts on systems and applications
Not implemented
Partially implemented
Half implemented
Fully implemented