Software still plagued with security holes, researcher says

Article

Software still plagued with security holes, researcher says

Neil Roiter, Senior Technology Editor, Information Security magazine

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Greg Hoglund, a noted security researcher and author who specializes in Windows rootkits and secure coding, explains why software is just as vulnerable today as it was in 1999. Hoglund is CEO of HBGary, a security risk assessment firm based in El Dorado Hills, Calif. Hoglund is a highly regarded expert on software application security and the malware used to exploit it. He created and documented the first Windows NT-based rootkit.

  Greg Hoglund on secure coding: 

  Program Links: 

  • Gary McGraw on secure software development: In this video, Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress.

  • Tech vendors team up for secure software development: A new group of technology vendors, including Microsoft and Symantec, are joining together to raise awareness about the need for more secure code.

  • Report: Companies still stumped by PCI DSS: A VeriSign review of PCI Data Security Standard (PCI DSS) assessments it conducted found that more than half were still stumbling on the path to compliance.

  • Group releases Java standards for secure development: The Secure Programming Council is releasing a set of essential skills for Java developers in an effort to improve software security and educate new programmers.

  • Information Security podcasts: Visit SearchSecurity's podcast archive.