BSIMM is a set of best practices Cigital and Fortify developed by analyzing real-world data from nine leading software security initiatives. Cigital CTO Gary McGraw talks about what’s in the latest version of the standard he helped create. McGraw: BSIMm is “extremely useful for comparing the initiative of any given firm to a large group of similar firms” McGraw said some highlights for the third major release include the work of 786 SSG members working with a satellite of 1750 people.”]
Source: https://www.csoonline.com/article/2134866/bsimm3-launches-today.html