Beyond the Page: Application security in the age of open source

This Beyond the Page feature explores some new tools for security pros to vet open source libraries and manage security vulnerabilities.

This article can also be found in the Premium Editorial Download: Information Security magazine: Application security policy after Heartbleed.

After years of being ignored by the security silo, application security is beginning to get some respect. Tool providers have started to help developers think about secure coding earlier in the application development lifecycle by building checks and balances into integrated development environments and related tooling. In this Beyond the Page, Michael Cobb explores new tools to vet open source libraries, explains how to manage security vulnerabilities that often go undetected, such as the OpenSSL Heartbleed flaw, and helps security officers build policy awareness for IT teams responsible for internal and commercial software.

Feature: Update your application security policy after Heartbleed

Learn how you can lower your risk by revisiting application security policy and enforcing compliance with best practices.

Video: Open source software security after Heartbleed

In this video, application security expert Michael Cobb discusses open source risks and how revised security policies can standardize development.

Tip: Safe assembly -- Component reuse in the age of open source

Developers love reusing code, whether it’s an open source library or a code snippet copied from the Internet. This expert tip looks at the best ways to secure and monitor component-driven software.

About the expert

Michael Cobb, CISSP-ISSAP, is a renowned security author with over 20 years of experience in the IT industry. He co-authored the book IIS Security and has written many technical articles for SearchSecurity.com and other leading IT publications. He was formerly a Microsoft Certified Database Manager and a registered consultant with the CESG Listed Advisor Scheme (CLAS).

Next Steps

Reusing open source code can present a security risk. Application security expert Michael Cobb explains why and how to protect applications.

This was last published in September 2014
