Software Integrity Blog

Author Archive

Drew Kilbourne


Drew Kilbourne is a managing director at Synopsys Software Integrity Group. He brings over 30 years of experience encompassing a rise through technical engineering to managing the delivery of complex software and program solutions to the financial and telecommunications industries. In his time at Synopsys, he has focused on helping senior managers establish and execute multi-year programs for quality assurance, enterprise software development, tool and automation deployment, and software security improvement. Drew is also Chairman and President of the Software Security Vendor Assessment Center, a non-profit focused on vendor management in the Financial and Healthcare industries.

Posts by Drew Kilbourne:


BSIMMsc leading the way to ensure third-party software quality

In reading publications recently released by FS-ISAC and SAFECode on vendor management and third-party risk, I am pleased that the industry is finally coming together. We seem to finally agree on the obvious need to assess the processes under which software is made and not a particular end result. If “penetrate and patch” had any positive effect on software quality, we would have no defects left on planet Earth given how much testing has been done over the past 50 years.

The Software Security Vendor Assessment Center (SSVAC)

Two years ago, Synopsys created a nonprofit, the Software Security Vendor Assessment Center (SSVAC), to help FS-ISAC members share vendor assessments. The SSVAC Board also agreed that the only way to really determine the health of software is to measure the process under which it is made.

Posted in Software Security Program