search menu icon-carat-right cmu-wordmark

Sammy Migues (Cigital)


Sammy Migues is a Principal at Cigital, Inc. He has spent nearly three decades advancing the cause of information security through entrepreneurial innovation, intellectual capital development, practical business solutions, and performance optimization. Migues has experience in chief architect, chief technologist, and evangelist roles, working directly with customers, product developers, and consultants. As a founding member of four security services organizations, Migues was responsible for creating the practical knowledge leveraged for repeatability and business growth. As an early participant in activities ranging from NSA "Rainbow Books", NIST Common Criteria, and DoD DITSCAP initiatives to state-of-the-art compliance management and software security risk models, he made critical observations on the evolving relationships between information security threat, vulnerability, risk, and business objectives. Migues expressed many of these ideas in various publications and workshops, as well as in patent applications for the iDEFENSE intelligence generation process, the TruSecure risk management process, and the Cybertrust security risk index. Most recently he has been working on the Build Security In Maturity Model (BSIMM) for software security groups. Migues holds a BS in Computer Science and a Master’s degree in Information Security.

Publications by Sammy Migues (Cigital)