Deployment

The process of practices

Deployment includes those practices that interface with traditional network security and software maintenance organizations. Software configuration, maintenance, and other environment issues have direct impact on software security.

Penetration Testing

The Penetration Testing practice involves standard outside-in testing of the sort carried out by security specialists. Penetration testing focuses on vulnerabilities in the final configuration, and provides direct feeds to defect management and mitigation.

Learn more

Software Environment

The Software Environment practice deals with OS and platform patching (including in the cloud), WAFs, installation and configuration documentation, containerization, orchestration, application monitoring, change management, and code signing.

Learn more

Configuration Management & Vulnerability Management

The Configuration Management & Vulnerability Management practice concerns itself with patching and updating applications, version control, defect tracking and remediation, and incident handling.

Learn more

The BSIMM is designed to help you understand, measure, and plan a software security initiative. The BSIMM was created by observing and analyzing real-world data from leading software security initiatives.

Useful Links

About BSIMM

Privacy & Legal

This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License