The Building Security In Maturity Model (BSIMM) is a data-driven model developed through the analysis of software security initiatives (SSIs), also known as application/product security programs. BSIMM10 represents the latest evolution of this detailed and sophisticated “measuring stick” for SSIs. Our analysis of real-world data from 122 organizations in eight industry verticals uncovered these trends:
Organizations can achieve a higher level of maturity if they focus on the depth, breadth, and scale of the activities they’re already conducting rather than striving to add new ones.
The DevOps movement, along with growth in CI/CD tooling and digital transformation, is affecting the way that firms approach software security for their software portfolio.
A new wave of engineering-driven security culture is emerging in response to both the demands of modern software delivery practices such as agile and DevOps and undesirable friction with existing SSIs.
Download BSIMM10 now to read more about these findings and discover what activities are essential for building a successful software security initiative.
Download the latest BSIMM
The BSIMM is designed to help you understand, measure, and plan a software security initiative. The BSIMM was created by observing and analyzing real-world data from leading software security initiatives.