REPORT 2023

TABLE OF CONTENTS

PART 1: EXECUTIVE SUMMARY .... 4
    WELCOME TO BSIMM14 .... 5
    BSIMM14 DATA HIGHLIGHTS .... 6
    TRENDS AND INSIGHTS SUMMARY .... 7
        How Software Security Is Changing .... 7
        Expanding Security's Scope .... 7
        Who Owns Security .... 8
        Important Decisions in Software Security .... 8
    CALL TO ACTION .... 9
        Plan Your Journey .... 9
        Get a Handle on What You Have .... 9
        Make the Right Investments .... 9
    THE BSIMM SKELETON .... 10

PART 2: TRENDS AND INSIGHTS .... 12
    Evolution of Shift Everywhere .... 13
        Integrating Tooling .... 13
        Governance and Automation .... 13
        Security Touchpoints .... 13
        Enabling People .... 14
    SOFTWARE SUPPLY CHAIN RISK MANAGEMENT .... 14
        Software Bill of Materials (SBOM) .... 14
        Open Source Risk Management .... 14
        Vendor Management and Bespoke Software .... 14
    PRODUCT SECURITY AND APPLICATION SECURITY .... 14
        Shipping Products to Dangerous Environments .... 14
        Growing "Product Security Program" Representation .... 15
    SECURITY ENABLERS .... 15
        Security Champions .... 15
        Cloud Architecture .... 15
    SECURITY ECONOMICS .... 15
    TOPICS WE'RE WATCHING .... 15

PART 3: BSIMM PARTICIPANTS .... 16
    PARTICIPANTS .... 17

PART 4: QUICK GUIDE TO SSI MATURITY .... 19
    A BASELINE FOR SSI LEADERS .... 20
        Is Your SSI Keeping Pace with Change in Your Software Portfolio? .... 20
        Are You Creating the DevSecOps Culture You Need? .... 20
        Are You Shifting Security Efforts Everywhere in the Engineering Lifecycle? .... 20
        How Does Your SSI Measure Up? .... 20
    USING A BSIMM SCORECARD TO MAKE PROGRESS .... 20
        Understand Your Organizational Mandate .... 21
        Build the Scorecard .... 21
        Make a Strategic Plan and Execute .... 21

PART 5: THE BSIMM FRAMEWORK .... 24
    CORE KNOWLEDGE .... 25
    UNDERSTANDING THE MODEL .... 26

PART 6: THE BSIMM ACTIVITIES .... 27
    ACTIVITIES IN THE BSIMM .... 28
    GOVERNANCE .... 28
        Governance: Strategy & Metrics (SM) .... 28
        Governance: Compliance & Policy (CP) .... 30
        Governance: Training (T) .... 32
    INTELLIGENCE .... 34
        Intelligence: Attack Models (AM) .... 34
        Intelligence: Security Features & Design (SFD) .... 36
        Intelligence: Standards & Requirements (SR) .... 37
    SDLC TOUCHPOINTS .... 39
        SDLC Touch