Cigital BSIMM other OWASP Open SAMM
BSIMM: There are 10 practices organized into four domains
1. Strategy and Metrics
2. Compliance (following law or norm) and Policy
5. Security Features and Design
6. Standards and Requirements
12. Configuration and Vulnerability Management
- SDL Practice #1: Core Security Training. This practice is a prerequisite for implementing the SDL. Foundational concepts for building better software include secure design, threat modeling, secure coding, security testing, and best practices surrounding privacy.