Tech Companies Create Security Baseline for Enterprise Software

  /     /     /  
Publicated : 23/11/2024   Category : security

Tech Companies Create Security Baseline for Enterprise Software


The Minimum Viable Secure Product is written as a checklist of minimum-security requirements for business-to-business software.


A new vendor-neutral security baseline called the Minimum Viable Secure Product (MVSP) is designed to list minimum acceptable security requirements for B2B software and business process outsourcing suppliers. MVSP was developed and backed by tech companies including Google, Salesforce, Slack, and Okta.  
Our goal is to increase the minimum bar for security across the industry while simplifying the vetting process, states Royal Hansen, vice president of security at Google, in a blog post. He cites an Opus and Ponemon Institute study
that found
59% of companies have experienced a breach caused by one of their vendors or a third party.
Organizations have traditionally had to design and implement their own security baselines for vendors according to their risk posture; however, this creates an impossible situation for vendors and enterprises as they try to accommodate thousands of different requirements.
The MVSP aims to lessen the complexity of procurement, RFP, and vendor security assessment with a checklist of minimum acceptable baselines to verify a products security posture and understand its security gaps.
Designed with simplicity in mind, the checklist contains only those controls that must, at a minimum, be implemented to ensure a reasonable security posture,
officials say
 at the top of the document.
All companies building B2B software or handling sensitive information under its broadest definition are advised to implement the controls.
Read more details
here
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Tech Companies Create Security Baseline for Enterprise Software