Software Development Methodology News
May 07, 2015
Robert 'Rsnake' Hansen of WhiteHat Security discusses the Aviator Web browser, why Google lashed out against it, the challenges of browser security and lessons learned for developing secure software.
April 27, 2015
At RSA Conference 2015, a pair of DevOps proponents explained why the nascent movement to integrate development and IT operations staff pays security dividends.
September 16, 2014
Developers increasingly rely on a variety of open source components, but a VerSprite researcher warns that security issues accompany many popular frameworks.
June 10, 2014
Video: Chris Wysopal of Veracode discusses the risks of externally sourced code and monitoring its use in the enterprise.
Software Development Methodology Get Started
Bring yourself up to speed with our introductory content
A new programming language called Wyvern is helping developers use multiple languages in one app securely. Application security expert Michael Cobb discusses. Continue Reading
Research shows more than three-quarters of PHP installations run with at least one vulnerability. Learn the steps for ensuring PHP security in the enterprise workplace. Continue Reading
Runtime application self-protection could provide more secure software applications after delivery, but you need to recognize its limitations. Continue Reading
Evaluate Software Development Methodology Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Gartner predicts more than half of all mobile apps will use HTML5 by 2016, but what threats will this cause the enterprise? Expert Michael Cobb discusses. Continue Reading
Traditionally, ensuring secure software delivery has meant relying on static scanning and dynamic fuzzing. There’s now an alternative: the runtime application self-protection, or RASP, method. This ISM Insider Edition looks at all that's gone... Continue Reading
Gary McGraw says real medical device security requires more than worrying about patient data. Continue Reading
Product ReviewsPowered by IT Central Station
Powered by IT Central Station
v2 Review: Premature product - not a proper product to be used for PCI approved web scanning Having done numerous penetration tests using various...Continue Reading
Although the user experience could be improved, it's the best dynamic code analysis tool one can invest in.Powered by IT Central Station
Valuable Features: It identifies the vulnerabilities in SSL. • Improvements to My Organization: We were able to unravel bugs in earlier...Continue Reading
Centerbeam's security options for good data security 1. closed API's 2.Integration tied to customer environment and ActiPowered by IT Central Station
Valuable Features: The access of your whole group of data and the functionality of the command line, it is direct and very easy to use, in...Continue Reading
Manage Software Development Methodology
Learn to apply best practices and optimize your operations.
Secure software expert Gary McGraw says the IEEE Center for Secure Design can help companies find patterns in their software security flaws. Continue Reading
Algorithm substitution attacks can decrypt secure communications and potentially expose enterprise data in plaintext. Learn how to mitigate the threat. Continue Reading
Software security expert Gary McGraw points out five ways member organizations in the BSIMM group are structuring their software security groups. Continue Reading
Problem Solve Software Development Methodology Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
SQL injection attacks continue to plague enterprises. However, performing audit code validation when using outsourced developers can be a challenge. Expert Nick Lewis explains how to prevent these attacks. Continue Reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program. Continue Reading
Sandboxing is a limited technology. Expert Brad Casey explores the margins and supplemental products organizations can use in virtual environments. Continue Reading