The 2013 OWASP Top 10 list: What's changed and how to respond
Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises. Answer
-
Opinion: Software [in]security -- software flaws in application architecture
Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws. Opinion
-
Open source code management: How to safely use open source libraries
Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries. Tip
-
Five major technology trends affecting software security assurance
Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure. Opinion
-
Why securing internal applications is as important as Web-facing apps
Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why. Answer
-
Secure code review process: How many review rounds are needed?
Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices. Answer
-
Application security risks posed by open source Java frameworks
Expert Michael Cobb says security issues with open source Java applications have more to do with misconfigurations than the frameworks themselves. Answer
-
The effects of secure application development practices
Selling the CIO and others on secure application development requires understanding how it will impact the development process. Answer
-
McGraw: Financial services develop a proactive posture
The idea behind proactive security is simple: build security in the first time by following security models like BSIMM and security engineering. Column
-
New skills for the QA tester: Scripting, security
Software quality assurance is gaining respect as a profession -- but do QA testers have the scripting and security skills the role now requires? Quality Time