
[Infographic] BSIMM10 by the numbers

How many BSIMM participants have a software security group? How many think it’s key to their success? How many people are in the average SSG? Get the facts.

Quick facts about BSIMM10

For 11 years, we’ve studied dozens of firms of different sizes and in different verticals to measure the software security practices they use in real life. We publish the results as the Building Security In Maturity Model (BSIMM), which describes the common areas many organizations share and the variations that make them unique.

BSIMM participants are the core of the BSIMM project. Our model is driven entirely by data about what firms are doing, without speculation as to what they should be doing. Without our participants, we’d have no data, and thus no model.

So who are BSIMM participants? How many people are in their software security groups? What activities do they perform? How well do they do? For participants who have had multiple BSIMM assessments across the years, how much have they improved? BSIMM10, available Sept. 18, will have all the answers. Until then, take a look at the infographic below (PDF version).

Download the BSIMM participants infographic

Facts about BSIMM participants

| Fact | BSIMM10 | BSIMM9 |
| --- | --- | --- |
| Number of years BSIMM has been around (started in 2008) | 11 | 10 |
| Total number of BSIMM participants, all time | 185 | 167 |
| Number of software security activities measured by BSIMM | 119 | 116 |
| Average point increase seen in the raw scores of the firms re-measured | 11.1 | 10 |
| Percent of BSIMM participants that incorporate the 12 core activities into their SSI | 63 | 62 |
| Percent of participants that have an SSI and agree that it’s key to the success of their initiative | 100 | 100 |
| Average ratio of SSG members to developers | 1:73 | 1:75 |
| Average number of people in an SSG | 13.1 | 13.3 |
| Average number of people in a satellite | 110 | 117 |
| Percent of the top-scoring BSIMM participants that have a satellite | 86 | 90 |
| Percent of the 10 lowest-scoring firms that have a satellite | 0 | 0 |

BSIMM10 is coming soon!


*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Synopsys Editorial Team. Read the original post at: https://www.synopsys.com/blogs/software-security/bsimm-participants-infographic/