BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Microsoft extends SDL program, adds Agile development template

Microsoft is adding support for Agile Development Methodologies to its Security Development Lifecycle program. A simplified SDL white paper is also being introduced. Article
Malware in Google attacks uses spaghetti code

Coding technique designed to tie up reverse engineers has been used in the past, Symantec says. News
Self-defending Web applications thwart attacks

Michael Coates, a volunteer with OWASP, is leading a project that helps developers inject code into applications to give them self-defense mechanisms. News
Software piracy group offers cash to whistleblowers

An industry group made up of software companies is offering workers in the U.K. more than $30,000 to blow the whistle on pirated software in their workplace. Article
Quiz: How to build secure applications

Use this five-question quiz to test your knowledge of how to secure your enterprise apps. Quiz
How to detect software tampering

In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended. Tip
Should security tests be part of a software quality assurance program?

Application security expert Michael Cobb reviews the essentials of any software quality assurance process. Ask the Expert
Does an EULA make it truly illegal to decompile software?

Michael Cobb explores a legal minefield: the legality of software decompilation. Ask the Expert
SQL injection continues to trouble firms, lead to breaches

Security experts see the secure software development lifecycle improving, but legacy applications and Web server flaws continue to offer a rich treasure trove for attackers. Article
Verifying the security of software with static and dynamic verification

Secure software is critical to all businesses, and security verification is an important part of that process. In this expert response, learn the difference between static and dynamic verification of security in software engineering. Ask the Expert

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites