Over the past seven years, the Building Security In Maturity Model (BSIMM) has studied 112 security activities in over 100 firms to measure the software security practices across a participating organization. Quantifying these practices allows BSIMM to describe the common areas shared by many organizations, as well as the variations that make each unique. BSIMM isn’t a ‘how to’ guide. It’s not a one-size-fits-all prescription. It’s a reflection of real software security initiatives taking place around the world. Take a look at the infographic below to see some key facts involving the study over the years and the recently released BSIMM6.