BSIMM Framework

BSIMM is built around a software security framework that organizes the 112 activities used to assess initiatives. The framework consists of 12 practices organized into four domains.

Software Security Framework Domains

Governance

Practices that help you organize, manage, and measure your software security initiative, including staff development.

  • Strategy & Metrics
  • Compliance & Policy
  • Training

Intelligence

Practices that result in collections of knowledge used to carry out software security activities throughout your organization.

  • Attack Models
  • Security Features & Design
  • Standards & Requirements

SSDL Touchpoints

Common practices associated with analysis and assurance of particular software development artifacts and processes.

  • Architecture Analysis
  • Code Review
  • Security Testing

Deployment

Practices that interface with traditional network security and software maintenance organizations.

  • Penetration Testing
  • Software Environment
  • Config Management & Vulnerability Management