BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Creating a third-party security policy to prevent a software exploit

Third-party software vulnerabilities are one of the most likely attack vectors in the information security landscape today. In this expert response, Nick Lewis discusses how to prevent these vulnerabilities from becoming exploits. Ask the Expert
Coverity, Armorize to add security to software quality process

Integrated suite gives security teams greater visibility into the software development lifecycle while letting developers focus on creating code and fixing errors. Article
An application security framework for infrastructure security managers

Video: Get a primer on common application attack methods and an application security framework to help infrastructure security teams. Video
Adobe focuses on secure software development lifecycle

With its popular software increasingly targeted by hackers, Adobe has stepped up efforts to secure its applications. Article
Former @stake researcher Aitel insists on data classification

Know your data before turning to the cloud, says Dave Aitel, CTO of Immunity Inc. Aitel criticized traditional security technologies at FIRST Conference 2010. Article
Static source code analysis tools: Pros and cons

Static source code analysis tools can greatly improve application security, but it takes knowledge and expertise to use them correctly. Expert Michael Cobb explains why. Ask the Expert
Gary McGraw on software security research

Gary McGraw and Sammy Miguez of CIgital talk about the latest version of the Building Security in Maturity Model (BSIMM). Thirty major companies were interviewed to find out how the firms implement security into their processes. News
Cigital expands software security model, includes data from 30 major firms

The Building Security in Maturity Model is free and includes a framework that outlines the best practices used at major companies. Article
Researchers aim to smarten Web application security scanners

Adding the "human element" to scanners could help pen testers evaluate a larger portion of an application's attack surface, according to two researchers at SOURCE Boston 2010. Article
Metasploit creator sees no end to software security vulnerability issues

Metasploit creator and vulnerability expert H.D. Moore says secure coders are doing a better job creating applications with fewer bugs, but an ever increasing number of applications leaves no shortage in the number of new software vulnerabilities. In... Interview

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites