BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Technical guide to secure development practices

When security practitioners attempt to introduce secure development practices into a development process and organization, they are typically less than accepted. Development organizations tend to reject formal internal structure and process imposed f... E-Book
Google extends bounty program for Web application bugs

People who report serious Web application flaws in YouTube and Blogger could receive a reward as much as $3,133.70. Article
SecTor 2010: Mobile application security flaws a repeat of past mistakes

Developers of mobile applications are repeating many of the same coding errors that desktop coders and Web application coders made years ago, according to two security experts. Article
Secure Software development starts at the top

Ryan Berg a senior architect of security research for IBM talks about ways enterprises can improve their software development processes and why some firms are falling behind. News
Microsoft SDL documentation goes open source

Materials outlining Microsoft's Security Development Lifecycle will be transferred to a Creative Commons license. SDL tools and templates remain under an exclusive Microsoft license. News
CEO must prioritize software development improvements, secure coding

In this interview, Ryan Berg, a senior architect of security research for IBM discusses why some companies lack direction when it comes to secure software development. Article
HP to acquire Fortify Software for secure software development

Source code analysis vendor Fortify Software will eventually be integrated into HP's Business Technology Optimization application portfolio. Analysts say acquisition was expected. Article
Creating a third-party security policy to prevent a software exploit

Third-party software vulnerabilities are one of the most likely attack vectors in the information security landscape today. In this expert response, Nick Lewis discusses how to prevent these vulnerabilities from becoming exploits. Ask the Expert
Coverity, Armorize to add security to software quality process

Integrated suite gives security teams greater visibility into the software development lifecycle while letting developers focus on creating code and fixing errors. Article
An application security framework for infrastructure security managers

Video: Get a primer on common application attack methods and an application security framework to help infrastructure security teams. Video

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites