BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Software piracy group offers cash to whistleblowers

An industry group made up of software companies is offering workers in the U.K. more than $30,000 to blow the whistle on pirated software in their workplace. Article
Quiz: How to build secure applications

Use this five-question quiz to test your knowledge of how to secure your enterprise apps. Quiz
How to detect software tampering

In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended. Tip
Should security tests be part of a software quality assurance program?

Application security expert Michael Cobb reviews the essentials of any software quality assurance process. Ask the Expert
Does an EULA make it truly illegal to decompile software?

Michael Cobb explores a legal minefield: the legality of software decompilation. Ask the Expert
SQL injection continues to trouble firms, lead to breaches

Security experts see the secure software development lifecycle improving, but legacy applications and Web server flaws continue to offer a rich treasure trove for attackers. Article
Verifying the security of software with static and dynamic verification

Secure software is critical to all businesses, and security verification is an important part of that process. In this expert response, learn the difference between static and dynamic verification of security in software engineering. Ask the Expert
Microsoft issues emergency Active Template Library updates

Security updates address flaws the Active Template Library affecting Internet Explorer and Visual Studio. An IE fix also blocks a method that allows attackers to bypass killbits. Article
IBM acquires Ounce Labs for source code analysis

Big Blue plans to add the source code security testing vendor to its Rational software business. Financial terms were not disclosed. Article
Software security threats and employee awareness training

What are the newest threats to enterprise networks, and how can you subvert these emerging security threats? Greg Hoglund, CEO of HBGary and creator of the first rootkit, answers these questions. Video

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites