Using the Software Security Framework (SSF) introduced in October, we interviewed nine executives running top software security programs in order to gather real data from real programs.Our goal is to create the Building Security In Maturity Model (BSIMM) based on these data, and we’re busy going over what we’ve built with the executives who run the nine initiatives.
In the course of analyzing the data we gathered, we unearthed some surprises that we covered in a previous column. In this column we begin to dig into the maturity model itself, starting with a discussion of nine software security activities that all of the programs we studied carry out as part of their initiatives. Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM | threatpost
From around the Web
- Gmail to drop IE6 support this year
- Older IE Versions Maintain Sizable Market Share Despite Security Concerns
- Google Chrome 4 Bolsters Browser Security with New Features
- 10 Reasons Why Microsoft Should Have Discussed Security At CES
- How three vendors screwed up USB stick security
- 94 more secret Windows shortcuts
- Facebook CEO: Privacy Not the Social Norm
- More flash drive firms warn of security flaw; NIST investigates
- The ultimate God Mode list: 39 secret Windows 7 shortcuts
- Microsoft, Adobe prep critical security patches
- Mozilla fixes upgrade flaw in Firefox
- Chrome grabs market share from IE and Firefox, passes Safari
- Facebook enhances privacy settings
- Windows 7 tricks: 20 top tips and tweaks
- The ABCs of securing your Windows netbook