Hey Everyone. You've probably seen the posts I've made to sc-l about the Software Assurance Maturity Model (SAMM) and I'm sure you've seen the latest from Gary with the BSIMM.
Lots of folks have pinged me over the last two days about the relationship between the two (short answer: they're different), so I blogged about it here: http://www.opensamm.org/2009/03/whats-up-with-the-other-model/ Thanks! p. ~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~ ~~~~~ ~~~ ~~ ~ Pravir Chandra chandra<at>list<dot>org PGP: CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4 ~ ~~ ~~~ ~~~~~ ~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
