Does security have a place at the DevOps table?

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Insider edition: Web application security

    Developers building Web applications don’t give enough consideration to security. Often in a rush to get apps live, they’re pushed into production with glaring vulnerabilities that attacks can easily exploit, often in an automated manner. This Inside... 

  • Managing identities in hybrid worlds

    The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based IDaaS for hybrid cloud infrastructures, and mobile devices that are either an authentication token in ... 

  • Technical guide to secure development practices

    When security practitioners attempt to introduce secure development practices into a development process and organization, they are typically less than accepted. Development organizations tend to reject formal internal structure and process imposed f... 

  • SRI International (SRI)

    SRI International (SRI), founded as Stanford Research Institute International, is an independent, non-profit research institute headquartered in Menlo Park, California. SRI International specializes in conducting client-sponsored research and develop... 

  • stack overflow

    A stack overflow is an undesirable condition in which a particular computer program tries to use more memory space than the call stack has available. In programming, the call stack is a buffer that stores requests that need to be handled. 

  • mobile security (wireless security)

    Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless ... 

  • Common Weakness Enumeration (CWE)

    Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued) 

  • fuzz testing (fuzzing)

    Fuzz testing or fuzzing is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash... (Continued) 

  • heuristics

    Heuristics is the application of experience-derived knowledge to a problem and is sometimes used to describe software that screens and filters out messages likely to contain a computer virus or other undesirable content. 

  • debugging

    In computers, debugging is the process of locating and fixing or bypassing bugs (errors) in computer program code or the engineering of a hardware device. 

  • threat modeling

    Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system... 

  • trigraph

    A trigraph is a three-character replacement for a special or nonstandard character in a text file. 

  • bypass

    Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat. 

  • See more Definitions on Software Development Methodology
About Software Development Methodology

This software development methodology resource center offers news and advice on using secure code to develop software without breaking it. Get information about secure software development tools, methods, systems, testing, the software development lifecycle, threat modeling, and static and source code analysis.