Premium Content

Access "2013 Security Priority Survey, security risks when buying IT hardware from China"

Robert Richardson, Editorial Director Published: 28 Jan 2013

As Gary McGraw mentioned in his [In]-Security column this month, every enterprise depends on software. On the one hand, this is merely stating the obvious. Software carries out the processes, enforcing the rules that reflect the business purpose. Each company tries its best to select or develop software that best enables it to carry out its organizational mission. On the other hand, the primary role of software begs to question why so little attention is paid to software security. Historically, security has tried to protect software from itself; building a firewall perimeter around it, watching for telltale symptoms in the network packet stream that might indicate an application attack, and by locking down privileges so only authorized people can direct requests to the software in the first place. McGraw argued that we should take the time to consider whether our software is unacceptably buggy from a security point of view. We should take a crack at it using the “badness-ometer.” That seems reasonable, but only a portion of the security community seems to be... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...