Updated Resource For Application Security – BSIMM-V

Gary McGraw, Cigital CTO, just began an enthusiastic program promoting the newest version of the Building Security In Maturity Model (BSIMM-V).

BSIMM is an observation-based measuring stick for software security. Sixty-seven firms are involved in the BSIMM community. If your organization is not involved, you can join and compare your maturity against these 67 firms (and against your peers) across 111 software development activities.

There is no reason for me to summarize the excellent announcement at “Software [In]Security: BSIMM-V Does a Number on Secure Software Dev.”  Read it.  Review BSIMM-5.  And think about “what next” for you.

Financial Services enterprises have obligations to demonstrate a level of due diligence that disallows “auto-pilot” software security.  BSIMM-V is an excellent resource to begin building security into your applications, or to measure and enhance your efforts already underway.


Software [In]Security: BSIMM-V Does a Number on Secure Software Dev.

Build Security In Maturity Model.


BSIMM4 measures and advances secure application development.

