Building Security in Maturity Model (BSIMM)

BSIMM-V does a number on secure software development

by Gary McGraw, Contributor

The fifth iteration of the Building Security In Maturity Model project is a tool enterprises can use as a measuring stick for their software security initiatives. Gary McGraw offers this exclusive first look... [read more] (SearchSecurity.com) What is BSIMM-V? The Building Security In Maturity Model (BSIMM, pronounced "bee simm") is an observation-based scientific model describing the collective software security activities of 51 software security initiatives. Thirty-six of the 51 firms we studied have graciously allowed us to use their names -- they are listed under "BSIMM member organizations" in the sidebar. BSIMM4 is used as a measuring stick for software security. As such, it is useful for comparing software security activities observed in a target firm to those activities observed among the 51 firms (or various subsets of the 51 firms). A direct comparison using the BSIMM is an excellent tool for devising a software security strategy... [read more] more at http://bsimm.com