Evaluate your software security initiative using an open public standard for software security activities
Measure how your SSI efforts stack up against others also trying to secure their software portfolios
Communicate your software security posture to your customers, partners, and regulators, with independent assessment data to back it up
Navigate the evolution of your SSI
See a comprehensive list of activities found in dozens of software security initiatives
Gain access to an active BSIMM Community to engage with year-round, including at the annual conference
The most important use of the BSIMM is as a measuring stick to determine where your approach currently stands relative to other firms. We’ll help you do this by noting which activities you already have in place and using “activity coverage” to determine levels and build a scorecard. We also provide a chart that compares your maturity high-water mark to the averages we’ve published, showing you clearly how your initiative stacks up against others also trying to secure their software portfolios.
If you’re interested in participating in the BSIMM study, we’ll need to collect your data carefully in an intensive, in-person interview process.