BSIMM6

[Gary McGraw <gem () cigital com>]

hi sc-l,

Today Cigital published Release 6 of the Building Security In Maturity Model (BSIMM).  The BSIMM now represents eight 
years of bringing science to the software security.  We have directly measured over 104 companies across multiple 
industries (BSIMM6 covers 78 of them).  BSIMM6 also includes the addition of healthcare as a one of the 
well-represented verticals (10 firms or more).

Opinion is rife in computer security, and software security as well.  BSIMM6 provides a set of facts to both counter 
and ground opinion in reality.  Want to know what the ratio of software security professionals to developers is?  The 
BSIMM knows.  BSIMM6 describes the work of 1,084 SSG members working with a satellite of 2,111 people to secure the 
software developed by 287,006 developers

The BSIMM is a free resource published under the creative commons.  Please use it in your own work.  You can download 
BSIMM6 from the new website http://bsimm.com<http://bsimm.com/>

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
book www.swsec.com
twitter @cigitalgem


_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________