The Building Security in Maturity Model is chock full of hardcore software security goodness as practiced by some of the most successful companies on earth. But there are too many activities to take on all at once without overwhelming the ship. Which BSIMM activities are the most important? And more critically, if you are just getting started, which BSIMM activities should you adopt first?

If you are getting started with the