BSIMM is a software security measurement framework established to help organisations compare their software security to other organisations' initiatives and find out where they stand. The Building Security In Maturity Model is a study of existing software security initiatives. By quantifying the practices of many different organisations, we can describe the common ground shared by many as well as the variation that makes each unique.