Membership

WHY JOIN THE BSIMM?

Evaluate your software security initiative using an open public standard for software security activities

Measure how your SSI efforts stack up against others also trying to secure their software portfolios

Communicate your software security posture to your customers, partners, and regulators, with independent assessment data to back it up

Navigate the evolution of your SSI

See a comprehensive list of activities found in dozens of software security initiatives

Gain access to an active BSIMM Community to engage with year-round, including at the annual conference

WHO ARE BSIMM MEMBERS?

BSIMM10 firms

The 122 participating organizations primarily represent eight verticals (with some overlap): financial services, independent software vendors, technology, healthcare, cloud, Internet of Things, insurance, and retail.

Verticals with lower representation in the BSIMM population include telecommunications, security, and energy. These companies graciously agreed to be identified:

Dahua
Global Payments

HOW DO I GET INVOLVED?

The most important use of the BSIMM is as a measuring stick to determine where your approach currently stands relative to other firms. We’ll help you do this by noting which activities you already have in place and using “activity coverage” to determine levels and build a scorecard. We also provide a chart that compares your maturity high-water mark to the averages we’ve published, showing you clearly how your initiative stacks up against others also trying to secure their software portfolios.

If you’re interested in participating in the BSIMM study, we’ll need to collect your data carefully in an intensive, in-person interview process.
