BSIMM Framework


BSIMM is built around a software security framework that organizes the 113 activities used to assess initiatives. The framework consists of 12 practices organized into four domains.

Software Security Framework Domains

Governance

Practices that help organize, manage, and measure a software security initiative.

  • Strategy & Metrics
  • Compliance & Policy
  • Training

Intelligence

Practices that result in collections of corporate knowledge used in carrying out software security activities throughout the organization.

  • Attack Models
  • Security Features & Design
  • Standards & Requirements

SSDL Touchpoints

Practices associated with analysis and assurance of particular software development artifacts and processes.

  • Architecture Analysis
  • Code Review
  • Security Testing

Deployment

Practices that interface with traditional network security and software maintenance organizations.

  • Penetration Testing
  • Software Environment
  • Config Management & Vulnerability Management