{"id":1504,"date":"2022-05-05T12:49:58","date_gmt":"2022-05-05T04:49:58","guid":{"rendered":"https:\/\/choson.lifenet.com.tw\/?p=1504"},"modified":"2023-03-29T15:50:08","modified_gmt":"2023-03-29T07:50:08","slug":"%e6%88%90%e7%86%9f%e5%ba%a6%e6%a8%a1%e5%9e%8b%e4%b8%ad%e6%a7%8b%e5%bb%ba%e5%ae%89%e5%85%a8%e6%80%a7-building-security-in-maturity-model-bsimm","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=1504","title":{"rendered":"\u6210\u719f\u5ea6\u6a21\u578b\u4e2d\u69cb\u5efa\u5b89\u5168\u6027 (Building Security In Maturity Model :BSIMM)"},"content":{"rendered":"\n<p>CMMI\u3001CMMC\u3001BSIMM \u548c SAMM \u662f\u8a55\u4f30\u8edf\u9ad4\u958b\u767c\u80fd\u529b\u7684\u597d\u6a21\u578b\u3002\u4f46\u662fBSIMM \u662f\u8861\u91cf\u4e00\u500b\u7d44\u7e54\u5728\u5b89\u5168\u6027\u65b9\u9762\u76f8\u5c0d\u65bc\u5176\u4ed6\u7d44\u7e54\u57f7\u884c\u60c5\u6cc1\u7684\u6700\u4f73\u65b9\u6cd5\u3002<br>\u6210\u719f\u5ea6\u6a21\u578b\u4e2d\u7684\u5b89\u5168\u69cb\u5efa (BSIMM) \u662f\u5c0d\u7576\u524d\u8edf\u4ef6\u5b89\u5168\u8a08\u5283\u6216\u7a0b\u5e8f\u7684\u7814\u7a76\u3002\u5b83\u91cf\u5316\u4e86\u8de8\u884c\u696d\u3001\u898f\u6a21\u548c\u5730\u57df\u7684\u4e0d\u540c\u7d44\u7e54\u7684\u61c9\u7528\u7a0b\u5f0f\u5b89\u5168&nbsp;<a href=\"https:\/\/www.synopsys.com\/software-integrity\/software-security-services\/strategy-planning.html\" target=\"_blank\" rel=\"noreferrer noopener\">(appsec)<\/a>&nbsp;\u5be6\u8e10\uff0c\u540c\u6642\u78ba\u5b9a\u4e86\u4f7f\u6bcf\u500b\u7d44\u7e54\u7368\u4e00\u7121\u4e8c\u7684\u8b8a\u5316\u3002<\/p>\n\n\n\n<p>BSIMM \u5305\u62ec\uff1a<br>\u5c0d\u7d44\u7e54\u7576\u524d\u7684appsec \u8a08\u5283 \u63d0\u4f9b\u5ba2\u89c0\u3001\u6578\u64da\u9a45\u52d5\u7684\u8a55\u4f30\u7684\u8a55\u4f30<br>\u6210\u70ba\u63d0\u4f9b\u5354\u4f5c\u3001\u6700\u4f73\u5be6\u8e10\u548c\u7368\u5bb6\u5167\u5bb9\u7684\u5b89\u5168\u540c\u884c\u793e\u5340\u7684\u6210\u54e1<br>\u5168\u7403\u6703\u8b70 \uff0c\u5305\u62ec\u4f86\u81ea\u5b89\u5168\u9818\u5c0e\u8005\u7684\u4e3b\u984c\u6f14\u8b1b\u3001\u4ea4\u6d41\u6a5f\u6703\u4ee5\u53ca\u4ea4\u6d41\u6280\u8853\u548c\u5be6\u8e10\u7684\u8ad6\u58c7<br>\u4e00\u4efd\u5e74\u5ea6\u5831\u544a \uff08\u76ee\u524d\u70ba BSIMM12\uff09\uff0c\u63d0\u4f9b\u5c0d\u73fe\u5be6\u4e16\u754c\u8edf\u4ef6\u5b89\u5168\u8a08\u5283\u3001\u5be6\u8e10\u548c\u6d3b\u52d5\u7684\u6578\u64da\u9a45\u52d5\u5206\u6790<br>\u8cc7\u6599\u4f86\u6e90\uff1a<a href=\"https:\/\/www.bsimm.com\/about.html\" target=\"_blank\" rel=\"noreferrer noopener\">BSIMM<\/a><\/p>\n\n\n\n<p>\u53c3\u8003<br>.&nbsp;<a href=\"https:\/\/owasp.org\/www-project-samm\/\" target=\"_blank\" rel=\"noreferrer noopener\">OWASP SAMM<\/a><br>.&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Cybersecurity_Maturity_Model_Certification\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u7db2\u7d61\u5b89\u5168\u6210\u719f\u5ea6\u6a21\u578b\u8a8d\u8b49<\/a><br>.&nbsp;<a href=\"https:\/\/www.acq.osd.mil\/cmmc\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u8ca0\u8cac\u63a1\u8fa6\u548c\u7dad\u6301\u7684\u570b\u9632\u90e8\u526f\u90e8\u9577\u8fa6\u516c\u5ba4 (OUSD(A&amp;S))<\/a><br>.&nbsp;<a href=\"https:\/\/www.bsimm.com\/about.html\" target=\"_blank\" rel=\"noreferrer noopener\">\u95dc\u65bc BSIMM<\/a><br>.&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Capability_Maturity_Model_Integration\" target=\"_blank\" rel=\"noreferrer noopener\">\u80fd\u529b\u6210\u719f\u5ea6\u6a21\u578b\u96c6\u6210 (CMMI)<\/a><\/p>\n\n\n\n<p>\u8cc7\u6599\u4f86\u6e90\uff1a\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/wentzwu.com\/2021\/10\/22\/cissp-practice-questions-20211022\/\" target=\"_blank\">Wentz Wu QOTD-20211022<\/a><\/p>\n\n\n\n<p>PS:\u6b64\u6587\u7ae0\u7d93\u904e\u4f5c\u8005\u540c\u610f\u520a\u767b \u4e26\u4e14\u6388\u6b0a\u53ef\u4ee5\u7ffb\u8b6f\u6210\u4e2d\u6587<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CMMI\u3001CMMC\u3001BSIMM \u548c SAMM \u662f\u8a55\u4f30\u8edf\u9ad4\u958b\u767c\u80fd\u529b\u7684\u597d\u6a21\u578b\u3002\u4f46\u662fBSIMM \u662f\u8861\u91cf\u4e00\u500b\u7d44\u7e54\u5728\u5b89\u5168 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1504","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1504","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1504"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1504\/revisions"}],"predecessor-version":[{"id":2798,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1504\/revisions\/2798"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1504"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1504"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1504"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}