BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Should static analysis be a part of the software development process?

When the cost of addressing security issues increases as the software design lifecycle proceeds, see why expert Michael Cobb says that using static analysis early on can benefit your bottom line. Ask the Expert
The future of exploit vulnerability research

At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC (part 1 of 4). Video
The importance of secure software development training

At Information Security Decisions 2008, security researchers discuss secure application coding and how to teach best practices to young developers (part 4 of 4). Video
Adobe hopes to speed patch releases with more transparency

Poor communication with security researchers fuels inefficiencies, the software maker said. Article
Microsoft updates code analysis tool, SQL injection XSS library

The tools for developers help identify flaws to protect enterprise applications against SQL Injection and cross site scripting attacks. Article
How can quality assurance tools aid software development?

There are an increasing number of tools aimed at improving software quality control and assurance, and they can certainly play a role in producing higher quality software. In this expert Q&A, Michael Cobb explains why the QA products may not be worth... Ask the Expert
Metaforic crosses swords with software pirates

Company joins a number of vendors in the application hardening market with a technology that embeds protections in a program at compile time. Article
How can gap analysis be applied to the security SDLC?

When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis into software development, and how it can help stop data leaks at your enterprise. Ask the Expert
Microsoft opens up secure development program

Microsoft is extending its Security Development Lifecycle processes to third parties. Article
Mozilla's Snyder says security pros should press vendors on security

Mozilla security chief Window Snyder says security pros should pressure their vendors to be better and more transparent about security. Article

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites