This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
The 11th iteration of the Building Security In Maturity Model reflects how organizations are adapting their software security efforts to support modern software development paradigms
Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.
Digital Shadows revealed new research looking at the growing problem of company access keys inadvertently exposed during software development. Access keys, and their corresponding secrets, are used by developers to authenticate into other systems.
Claroty researchers have uncovered six critical vulnerabilities in third-party license management components, which could expose operational technology (OT) environments (hardware and software components) across numerous industries to exploits via cyberattacks.
New research finds nearly half of organizations regularly and knowingly ship vulnerable code despite using application security tools. Among the top reasons cited for pushing vulnerable code were pressure to meet release deadlines (54 percent) and finding vulnerabilities too late in the software development lifecycle (45 percent), according to the Veracode and Enterprise Strategy Group (ESG) research.
Google has admitted that its Home speakers recorded users at all times, even when they hadn't said "wake words" such as "OK Google," due to a security error earlier this year.
By 2021, cybercrime will cost about 6 trillion dollars a year. With an ever-increasing amount of ways to connect to your network, IT security teams must be able to secure and mitigate this risk by prioritizing security concerns at earlier stages of the software development life cycle.
If you’re in business today, no matter what your “core” product or service is, you are almost certainly a software company. It is nearly impossible to run a business without it. That means you should know about the Building Security In Maturity Model—better, and more conveniently, known as the BSIMM.
The London Stock Exchange denies that a cyber attack was responsible for a trading outage in August. U.K. security agencies are reportedly investigating the cause of the incident.
