BSIMM10 shows new wave of engineering-led software security in DevOps

The security aspect of DevOps is evolving as new data found a new wave of engineering-led software security efforts originating bottom-up in the development and operations teams rather than top-down from a centralized software security group. Software security initiatives have identified a number of individuals often developers, testers, and architects who are invested in improving software security but are not directly employed in the SSG. These individuals are regarded as the satellite in an organization and BSIMM stated that many organizations are now referring to this group as their software security champions. Sixty-seven percent of firms that have been assessed more than once for the BSIMM have a satellite, while 66 percent of firms on their first assessment do not. This shows that as SSI matures, its activities become distribute.

Spotlight

Spotlight

Related News