Thursday, October 31, 2013

Building Security in Maturity Model (BSIMM)

BSIMM-V does a number on secure software development
by Gary McGraw, Contributor
The fifth iteration of the Building Security In Maturity Model project is a tool enterprises can use as a measuring stick for their software security initiatives. Gary McGraw offers this exclusive first look...

What is BSIMM-V?
The Building Security In Maturity Model (BSIMM, pronounced "bee simm") is an observation-based scientific model describing the collective software security activities of 51 software security initiatives. Thirty-six of the 51 firms we studied have graciously allowed us to use their names -- they are listed under "BSIMM member organizations" in the sidebar.
BSIMM4 is used as a measuring stick for software security. As such, it is useful for comparing software security activities observed in a target firm to those activities observed among the 51 firms (or various subsets of the 51 firms). A direct comparison using the BSIMM is an excellent tool for devising a software security strategy...