Gary, Well done to you and your team for working on this, I've read the article and was interested in something that actually didn`t appear. There was a lot of comparisions between the activities that all the european sites performed, and the activities that were not performed w.r.t. the BSIMM activities and the american founders.
However there was no mention of any activities that were unique to the european sites, was this studied at all, and will it be incorporated into BSIMM 2? CJC On Wed, Nov 11, 2009 at 6:09 AM, Gary McGraw <g...@cigital.com> wrote: > > > hi sc-l, > > Today we officially launch BSIMM Europe, a study of 9 EU firms' software > security initiatives. We continue to focus our work on large-scale software > security initiatives at major software firms. Firms in the study included: > Nokia, Standard Life, SWIFT, Telecom Italia, and Thomson Reuters. > > An informIT article can be found here: > http://www.informit.com/articles/article.aspx?p=1405841 > > The article describes our findings regarding European software security by > contrast with the original BSIMM. We have tripled the size of the BSIMM > study to 27 firms with several more under way. We hope to reach 30 firms by > year end. > > We released BSIMM v1.5 as part of the BSIMM Europe push. The document > (released under the Creative Commons) is available for download and now > includes and appendix about BSIMM Europe http://www.bsi-mm.com/europe/. The > original document has been translated into Italian (by Minded Security) and > German (by Virtual Forge). > > We are very excited about BSIMM progress and look forward to sharing more > real data with the community. No more faith based software security! > > gem > > company www.cigital.com > podcast www.cigital.com/silverbullet > blog www.cigital.com/justiceleague > book www.swsec.com > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > _______________________________________________ > _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
