A Security Development Lifecycle (SDL) defines various activities required to build security into a product or application. The Product Security Maturity Model™ (PSMM) helps determine "how well" each of the SDL activities are being performed. The SDL provides breadth, while the PSMM provides depth.
The PSMM was first developed by Harold Toomey in 2014. Other contributors include Patrick McEnany, James Ransome, and Brook Schoenfield. The PSMM can be freely used to measure the depth or maturity of the security practices in your organization. Several organizations use it today, including:
McAfee LLC |
|
|
Intel Security | ![]() |
Moving up the Product Security Maturity Model, June 12, 2015 |
Intel Corp. | ![]() |
Intel's Product Security Maturity Model (PSMM), October 2, 2015 Beyond ISO 27034 - Intel's Product Security Maturity Model (PSMM), October 8, 2015 |
Seagate Technology | Monty, PSIRT and attendee at the CERT Vendors Meetings | |
Deloitte | ![]() |
LinkedIn Reference, 2016 |
2016: The Original 8-12 Model | Original PSMM with 8 operational and 12 technical SDL activities | |
PSMM Presentation 2016 | MS PowerPoint slides that discribe the PSMM at a high level | |
PSMM Document 2016 | MS Word document that describes the PSMM and all levels of all activities in detail | |
PSMM Spreadsheet 2016 | MS Excel spreadsheet used to collect data and automatically compute scores |
PSMM Parameters 2016 |
||
Operational | Technical | Maturity Levels |
|
|
|
Scoring | (8 + 12) × 5 = 100 |
UNDER DEVELOPMENT
2018: The New 9-16 Model | Updated PSMM with 9 operational and 16 technical SDL activities | |
PSMM Presentation 2018 | MS PowerPoint slides that discribe the PSMM at a high level | |
PSMM Document 2018 | MS Word document that describes the PSMM and all levels of all activities in detail | |
PSMM Spreadsheet 2018 | MS Excel spreadsheet used to collect data and automatically compute scores |
PSMM Parameters 2018 |
||
Operational | Technical | Maturity Levels |
|
|
|
Scoring | (9 + 16) × 4 = 100 |
Return Home
Last updated 21 October 2019