For anyone interested in this topic and working in appsec and/or dev, there’s a
survey by the trusted software alliance which touches on some of these
questions here: https://www.surveymonkey.com/s/Developers_and_AppSec
> On Jan 7, 2014, at 8:07 PM, Christian Heinrich
> wrote:
>
>> Steph
Christian, (Stephen)
I’ll confess I’ve only skimmed the discussion but it looks productive. The
questions posed are good ones. I’ll try to provide a few clarifications from
“inside” the BSIMM study that may be helpful in pushing the discussion along:
1) Survey structure/technique attributes BSI
Stephen,
On Sat, Jan 4, 2014 at 8:12 PM, Stephen de Vries
wrote:
> Leaving the definition of agile aside for the moment, doesn’t the fact that
> the BSIMM measures
> organisation wide activities but not individual dev teams mean that we could
> be drawing inaccurate
> conclusions from the data?
Hi Sammy, Antti,
On 20 Dec 2013, at 17:29, Sammy Migues wrote:
> Also, in nearly all cases, it would be very hard to characterize an entire
> firm or even an entire business unit in larger firms as "Agile" or not. Many
> larger firms use "Agile" for only a small percentage of projects
Leav
rough various parts of their waterfall
process.
Cheers,
--Sammy.
-Original Message-
From: SC-L [mailto:sc-l-boun...@securecoding.org] On Behalf Of Stephen de Vries
Sent: Tuesday, December 17, 2013 5:21 AM
To: Gary McGraw
Cc: Secure Code Mailing List
Subject: Re: [SC-L] BSIMM-V Article
> In the current BSIMM-V dataset is it possible to narrow the data down to only
> organisations practising Agile dev? I think it would be interesting to see
> which BSIMM activities are popular with agile houses, and which not.
One of the reasons not to do this is that publishing data that woul
On 13 Dec 2013, at 22:51, Gary McGraw wrote:
>
> From time to time we talk about getting to the dev community here. This
> article is at least in the right publication!
>
> Read it and pass it on:
> http://adtmag.com/blogs/watersworks/2013/12/bsimm-v-released.aspx
Hi Gary,
In the current B
hi sc-l,
>From time to time we talk about getting to the dev community here. This
>article is at least in the right publication!
Read it and pass it on:
http://adtmag.com/blogs/watersworks/2013/12/bsimm-v-released.aspx
Salubrious solstice! One week and one day to go.
gem
__
