Name
                                    B1. Measuring Software Security Programs using BSIMM
                                        Track
                                    App Sec
                                        Date
                                    Wednesday, May 9, 2018
                                        Time
                                    11:15 AM - 12:15 PM
                                        Description
                                    Session Description:
The Building Security-In Maturity Model (BSIMM) is a continuously evolving framework for measuring security activity within software and product development life cycles. This session will detail the ins and outs of the framework, its evolution, and the most interesting data from the most recent version of the BSIMM report (BSIMM8).
Learner Objectives
                                    After completing this session, learners will:
- Understand how BSIMM measures software security programs
- Differentiate BSIMM from other maturity models (CMMI, OpenSAMM)
- Interpret the public BSIMM dataset published from BSIMMv8
Speakers
                                    
                                        Speaker Bio(s)
                                    Kevin Nassery is a Managing Principal at Synopsys. With over 20 years of experience building and breaking information systems, he specializes in software security program design, infrastructure security, security architecture, denial of service issues, and penetration testing. Kevin holds a Master's from DePaul University, where his focus was on network protocol design and security.
CEUs
                                    1