Premium Content

Access "Testing, assessment methods offer third-party software security assurance"

Published: 28 Jan 2013

Software is not created equal, especially when it comes to security. I’ve done my fair share of talking in this column about how to create and measure a software security initiative to make sure the software you build yourself is secure and I’ve even talked about how to get started with a brand new software security initiative. How can you tell whether the software you buy or outsource to others to build is secure enough? Do you trust your vendors? Do all vendors do the same thing when it comes to software security? (Hint: the answers are “good question,” “why?” and “no.”) Every enterprise depends on software Every modern enterprise uses lots of software. Some enterprise software is homegrown, but a vast majority of enterprise software is third-party software built and maintained by outside vendors. Third-party software itself comes in several flavors: it can be custom built to specification, it can be commercial off-the-shelf software (COTS), and it can live in the cloud as part of a Software as a Service (SaaS) model. Many large firms are working hard on ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Threat intelligence and risk: Why cybersecurity hangs in the balance
    ISM_0614.png
    E-Zine

    As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...

  • How to respond to the latest distributed denial-of-service attacks
    DDOS_attacks.png
    E-Handbook

    All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...

  • Figuring out FIDO as the first products emerge
    ISM_0514.png
    E-Zine

    The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...