Security Weekly
Paul's Security WeeklySubscribe
Application security, Compliance Management, DevSecOps

Key Findings From The Newly Released BSIMM11 Report – Mike Ware – PSW #667

BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), was created to help organizations plan, execute, measure, and improve their Application Security program/initiatives. BSIMM11 reflects the software security practices observed across 130 firms from industries such as finserv, independent software vendors, cloud and healthcare.

This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Sponsored By

Synopsys
Full episode and show notes

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Mike Ware
Senior Director of Technology at Synopsys

Mike Ware is the senior director of technology within the Synopsys Software Integrity Group and a co-author of the Building Security In Maturity Model (also commonly known as the BSIMM).

Hosts

Principal Security Evangelist at Eclypsium
Sr. InfoSec Consultant at Online Business Sytems
Security Analyst at Black Hills Information Security
Product Security Research and Analysis Director, Services Team Lead at Finite State
Senior Cyber Advisor at Lawrence Livermore National Laboratory
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

Related

Hacking AI Bias with Human Techniques – Keith Hoodlet – ASW #284

We already have bug bounties for web apps so it was only a matter of time before we would have bounties for AI-related bugs. Keith Hoodlet shares his experience winning first place in the DOD's inaugural AI bias bounty program. He explains how his education in psychology helped fill in the lack of resources in testing an AI's bias. Then we discuss ...
AI & Hype & Security (Oh My!) – Caleb Sima – ASW #284

A lot of AI security has nothing to do with AI -- things like data privacy, access controls, and identity are concerns for any new software and in many cases AI concerns look more like old-school API concerns. But...there are still important aspects to AI safety and security, from prompt injection to jailbreaking to authenticity. Caleb Sima explain...