This document discusses software security strategies and the Open Software Assurance Maturity Model (OpenSAMM). It provides examples of objectives and assessments for governance, construction, verification, and operations based on OpenSAMM. The document also outlines how to get started with OpenSAMM, including assessing maturity levels, defining a roadmap, and estimating costs. External support is offered to help with assessments, penetration tests, and training.