In early October, we released the latest version of the BSIMM report, BSIMM9. While many things about the report haven’t changed much, it’s the new things that make it really exciting. After 10 years of study and 167 total firms measured, we’re seeing interesting trends in the state of software security initiatives and how firms go about performing software security.
BSIMM9 is the ninth version of the Building Security In Maturity Model, which describes real-life software security initiatives (SSIs). BSIMM9 covers 116 activities (grouped into 12 general practices in four domains) performed by 120 firms we assessed within the last 42 months. Some firms were assessed more than once during that time (to see how their SSIs are maturing), and some firms had multiple business units assessed separately, so we ended up with 320 measurements.
New findings on software security initiatives
Join Mike Ware, managing principal at Synopsys, Oct. 25 at 12 p.m. EDT as he presents our BSIMM9 webinar. Mike will give a quick recap of the BSIMM and how organizations can use it before diving into the changes observed in BSIMM9, including these:
- The incorporation of three new cloud-related activities and what that says about AppSec
- The addition of retail as a stand-alone vertical
- The growth in the number of security and developer resources
Can’t make the webinar? Register anyway so you can watch the recording later.
Join us Oct. 25 at 12–1 p.m. EDT
*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/bsimm9-software-security-initiatives-webinar/