The 11th iteration of the Building Security In Maturity Model reflects how organizations are adapting their software security efforts to support modern software development paradigms
September 17, 2020
Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.
Poor security measures associated with software development puts organizations at risk
September 15, 2020
Digital Shadows revealed new research looking at the growing problem of company access keys inadvertently exposed during software development. Access keys, and their corresponding secrets, are used by developers to authenticate into other systems.
Claroty researchers have uncovered six critical vulnerabilities in third-party license management components, which could expose operational technology (OT) environments (hardware and software components) across numerous industries to exploits via cyberattacks.
New research finds nearly half of organizations regularly and knowingly ship vulnerable code despite using application security tools. Among the top reasons cited for pushing vulnerable code were pressure to meet release deadlines (54 percent) and finding vulnerabilities too late in the software development lifecycle (45 percent), according to the Veracode and Enterprise Strategy Group (ESG) research.
By 2021, cybercrime will cost about 6 trillion dollars a year. With an ever-increasing amount of ways to connect to your network, IT security teams must be able to secure and mitigate this risk by prioritizing security concerns at earlier stages of the software development life cycle.
If you’re in business today, no matter what your “core” product or service is, you are almost certainly a software company. It is nearly impossible to run a business without it. That means you should know about the Building Security In Maturity Model—better, and more conveniently, known as the BSIMM.
This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.