Gary McGraw on evolution of BSIMM maturity framework

Date: Mar 12, 2013

SAN FRANCISCO -- The man who wrote the book on software security best practices said that while it was once difficult to measure an organization's secure software development capabilities, the invention of the Building Security in Maturity Model, or BSIMM, has created an effective "measuring stick for software security."

Gary McGraw, Cigital Inc. CTO and co-author of Building Secure Software, the industry's first book on software security, said BSIMM now makes it trivial for an organization to determine whether its developers have the right training, tools and processes in place.

"The BSIMM knows all that," McGraw said, "and it's a beautiful way to measure software security."

In this interview, conducted at RSA Conference 2013, McGraw discussed the creation and subsequent evolution of BSIMM, which now measures more than 100 different software security benchmarks, as well as why some organizations continue to ignore software security, and how major software vendors like Microsoft and Adobe are addressing obstacles that are preventing secure software development.
