The Building Security In Maturity Model, more commonly known as the BSIMM, is a descriptive security model conducted through three levels of security activities. Each level is broken down into four domains of security activities: Governance, Intelligence, SSDL Touchpoints and Deployment. These domains are where each of the 112 security activities are analyzed within participating BSIMM firms.
A breakdown of the BSIMM activities are available within the BSIMM at a Glance resource to anyone responsible for creating and executing a software security initiative. Once you’ve explored the BSIMM at a Glance, download the full BSIMM report to see what measures real organizations through 12 industry verticals are taking to keep their data safe.
Not all organizations have the same security goals, but the BSIMM was created as a descriptive tool so that organizations can benefit from using the same measuring stick. When you join the 78 participating firms, you’ll become a member of a private group to discuss solutions and strategies with others who face the same issues.