Access "Enhancing secure coding practices to secure your machine"
This article is part of the May 2004 issue of Are you secure? Adam Putnam says, "Prove it!"
No software company in the world sets out to produce bug-ridden code. And no application is perfect, especially one with millions of lines of code. But the goal isn't perfection--well, maybe that's the goal, but no prudent security professional can expect to attain it. The Research Triangle Institute estimated in 2002 that flawed software costs as much as $59 billion annually in lost productivity. Add the billions more spent to guard against hackers and malware, and you're talking about serious money. Complicating the quality problem are custom apps from in-house developers and the code developed by inexpensive, offshore contractors. While custom code can be tailored, it's prone to the same errors as faulty commercial software. Producing better software is the obvious cure, but not an easy task. Software vendors and in-house developers are trying to reform their development processes. But, there will be flaws as long as there are humans tapping the keyboard, and businesses care more about faster and cheaper software than quality and security. Recognizing the... Access >>>
Premium Content for Free.
Should new information security laws include auditing requirements?
by Erik Sherman
Get your security act together or Adam Putnam will do it for you. Federal information security laws and regulations could be the next thing infosec management has to worry about. Here you will learn about pending security laws requring security auditing requirements in this feature.
Exploring additional technologies to support antivirus scanning
by George A. Chidi Jr.
Security managers are looking beyond conventional AV to ensure business continuity and improve disaster recovery times.
Using email spam filtering techniques to get rid of spam
by Amber Plante
Filters stem the flow of junk email, but spam remains a big distraction. Learn how to use spam filtering techniques to get rid of spam.
- Should new information security laws include auditing requirements? by Erik Sherman
Secure data transmission with wireless access controllers
by Jon Edney
Sending data over the airwaves is risky. Wireless access controllers assure secure data transmission and reception.
Why and how the CISO job description is changing
by Gary Lynch
The Chief Information Security Officer (CISO) job description is changing. The new CISO must know how to quantify risk and how to understand business as well as computer security technologies.
- Secure data transmission with wireless access controllers by Jon Edney
Government cybersecurity: What is being done to fight cybercrime?
by Lawrence M. Walsh
Learn what can be done to fight cybercrime against privately owned networks.
Industry needs less ethical computer hacking, more risk management strategies
by Jay Heiser, Contributor
Enterprises need less ethical computer hacking and a better risk management strategy.
How to avoid Windows XP Service Pack 2 problems
by Victor R. Garza
Testing XP SP2 beta today will pay off in the long run and help admins to avoid any Windows XP Service Pack 2 problems.
Enhancing secure coding practices to secure your machine
by Pete Lindstrom, Contributor
Learn preventative measures to help improve secure coding practices and protect and secure your machine from the latest threats.
Laws of security: 10 security best practices
by Andrew Briney
Learn the laws of security and 10 security best practices.
- Government cybersecurity: What is being done to fight cybercrime? by Lawrence M. Walsh
More Premium Content Accessible For Free
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...
As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ...