RealTime IT News

BSIMM-V Advocates for Bug Bounties

The annual Building Security in Maturity Model (BSIMM) aims to help give enterprise a yardstick to measure security posture. The fifth iteration of the model is now out and adds just a single new practice to what last year's BSIMM advocated.

Jacob West, CTO for enterprise security products at Hewlett-Packard, is a co-author of the 2013 BSIMM and explained to eWEEK that the new 2013 model includes 112 best-practice activities for security. The single new activity added this year is a recommendation for organizations to have a bug-bounty program. These bug-bounty programs encourage security researchers to responsibly disclose software vulnerabilities, and in return, vendors provide rewards

Read the full story at eWeek:
Building Security in Maturity Model Includes Bug-Bounty Programs

Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.