Additional Resources
- Real-World Software Security, Dr. Dobb's (August 6, 2010); see also: InformationWeek.
- BSIMM2: Measuring the Emergence of a Software Security Community (May 12, 2010)
- What Works in Software Security (February 26, 2010)
- Cargo Cult Computer Security (January 28, 2010)
- You Really Need a Software Security Group (December 21, 2009)
- BSIMM Europe (November 10, 2009)
- BSIMM Begin (September 24, 2009)
- Measuring Software Security (June 18, 2009)
- The Building Security In Maturity Model (BSIMM), Confessions of a Software Security Alchemist (March 16, 2009)
- A Software Security Framework: Working Towards a Realistic Maturity Model (October 15, 2008)
Building Security In Maturity Model presentation - May 2010
This is the standard slide deck we are using for BSIMM presentations. To date, this talk has been delivered at OWASP Belgium, DHS Software Assurance meeting, FS-ISAC, FSTC, RSA, ROOTS, OWASP NoVA, DDR&E/IARPA, metricon, Usenix Security, the FFIEC, Purdue’s CERIAS center, the Cylab corporate partners meeting, the UNCC 10th Cyber Security Conference, OWASP Brazil, SE OOP Munich, RSA, and secappdev. More to come.
Supply Chain Working Group (toolkit)
The supply chain working group convened by FSSCC/FBIIC (government financial collaboration organizations put together by Treasury, OCC, FDIC...) leveraged BSIMM activities.