Secure Coding mailing list archives
informIT: nine things everybody does
From: gem at cigital.com (Gary McGraw)
Date: Tue, 10 Feb 2009 07:48:03 -0500
hi sc-l,

informIT just published my February column, once again co-authored by Brian Chess and Sammy Migues. This is the third in the series of articles about the maturity model. We have decided to call it the Building Security In Maturity Model (BSIMM). The latest article covers 13 of the 110 activities in the model. Of those 14, all nine of the organizations in our study did nine. The other 4 are done by most organizations (but not all nine), and were added to ensure coverage of the Software Security Framework.

http://www.informit.com/articles/article.aspx?p=1326511

We will release the complete BSIMM model soon under a creative commons license. Stay tuned for that!

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
podcast www.cigital.com/realitycheck
blog www.cigital.com/justiceleague
book www.swsec.com