BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Five major technology trends affecting software security assurance

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure. Opinion
Why securing internal applications is as important as Web-facing apps

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why. Answer
Secure code review process: How many review rounds are needed?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices. Answer
Application security risks posed by open source Java frameworks

Expert Michael Cobb says security issues with open source Java applications have more to do with misconfigurations than the frameworks themselves. Answer
The effects of secure application development practices

Selling the CIO and others on secure application development requires understanding how it will impact the development process. Answer
McGraw: Financial services develop a proactive posture

The idea behind proactive security is simple: build security in the first time by following security models like BSIMM and security engineering. Column
New skills for the QA tester: Scripting, security

Software quality assurance is gaining respect as a profession -- but do QA testers have the scripting and security skills the role now requires? Quality Time
At Adobe, secure software development program demands 'ninja' tactics

Video: Adobe CSO Brad Arkin explains how his firm fosters secure software development by inspiring developers to become security 'ninjas.' Video
Kandek: Most secure Web browser may be one with fewest plug-ins

Video: Qualys CTO Wolfgang Kandek said plug-ins now affect Web browser security more than the browsers themselves. Video
Marcus Ranum: Q&A with clean-slate pioneer Peter G. Neumann

Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with clean-slate luminary Peter G. Neumann of SRI International and formerly Bell Labs. Column

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites