All software is flawed. That’s a given. But what can be done about it? In the late 1990s researchers began studying ways that a programmer might contribute to (or unintentionally undermine) the security of a software system. It became clear that getting involved at the earliest software development level made sense. However, at some point, it also became apparent that software security includes business, social and organizational teams, that a more holistic approach was needed. And it was out of studying the existing software security initiatives in place at several major organizations that the Building Security in Maturity Model (BSIMM) was born.

from Forbes – Tech http://ift.tt/1M3kgFA
via IFTTT