In addition to studying new companies, BSIMM 3 for the first time provides longitudinal data on the security process at eleven of the thirty companies profiled in May 2010.
For companies that want to begin the process of secure software development, the BSIMM model provides a loose framework that can be adapted to most any organization, large or small.
Building Security In Maturity Model (BSIMM) is a secure software development lifecycle model that grew out of scientific observations around software security practices at nine companies ranging from Adobe to Google, and Wells Fargo back in 2009.