mailing list archives
Re: BSIMM-V Article in Application Development Times
From: Stephen de Vries <stephen () continuumsecurity net>
Date: Tue, 17 Dec 2013 11:20:36 +0100
On 13 Dec 2013, at 22:51, Gary McGraw <gem () cigital com> wrote:
From time to time we talk about getting to the dev community here. This article is at least in the right publication!
Read it and pass it on: http://adtmag.com/blogs/watersworks/2013/12/bsimm-v-released.aspx
In the current BSIMM-V dataset is it possible to narrow the data down to only organisations practising Agile dev? I
think it would be interesting to see which BSIMM activities are popular with agile houses, and which not.
Ideally, it would be nice to not only differentiate between Agile and non-agile, but different degrees of agile based
on the length of iterations and/or the frequency of deployments. E.g. less-agile = 3 month iterations and multi-month
deploys, more-agile = continuous delivery with multiple deploys per day.
Stephen de Vries
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates