Gary McGraw on evolution of BSIMM maturity framework

SAN FRANCISCO -- The man who wrote the book on software security best practices said that while it was once difficult to measure an organization's secure software development capabilities, the invention of the Building Security in Maturity Model, or BSIMM, has created an effective "measuring stick for software security."

Gary McGraw, Cigital Inc. CTO and co-author of Building Secure Software, the industry's first book on software security, said BSIMM now makes it trivial for an organization to determine whether its developers have the right training, tools and processes in place.

"The BSIMM knows all that," McGraw said, "and it's a beautiful way to measure software security."

In this interview, conducted at RSA Conference 2013, McGraw discussed the creation and subsequent evolution of BSIMM, which now measures more than 100 different software security benchmarks. He also discussed why some organizations continue to ignore software security and how major software vendors like Microsoft and Adobe are addressing the obstacles that prevent secure software development.
