Software is critical to everything we do in the modern world and is behind our most critical systems.
As such, it is imperative that it be secure by design. Software security is therefore as much a business decision as
it is about avoiding security risks.
One of the best decisions you can make is to optimize your and your organization’s ability to secure the software in
your organization by taking the Comparative Software Security survey.
Leading Research & Practice
Backed by decades of leadership, experience & research by Dr. James Ransome and Brook S.E. Schoenfield in their collective and individual programs.
Essential Insights
The Comparative Software Security survey represents an industry consensus, as executed by thousands of developers at major tech companies, and solid metrics proving significant improvement of security posture and reduction of serious issues.
An Invitation to a Conversation…
The survey reveals how your teams perceive they are doing across key dimensions of Software Security. Use this knowledge as a basis for a conversation to understand better how you can help reach security objectives.
Sample Survey Items
We reduce our technical debt in every iteration.
Privileges are only given where strictly needed.
We control access to the DevOps/CICD chain/tools.
We keep the threat model updated as a part of our work.
Security fixes are tracked to closure.
When we choose to include 3rd party code, we perform a security assessment of the candidate code and its maker.
We use a Security Development Lifecycle (SDL).
We employ tools to identify secure coding issues.
We have designated security champions in each development team.
Top Features
Leverage proven, peer-reviewed research to quickly identify where your organization needs attention and initiate a conversation to understand how you can help.
Give your teams a voice – and allow them to express where you can do the most good for your organization.
Gain insights expeditiously - perform analysis at the team, program and organizational levels.
Benchmark the maturity of software security across your teams and organization against other organizations in your industry.
Fuel data-driven continuous improvement efforts at the team, program and organizational levels through uncommon insights and actionable feedback.