BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Should states lead charge for secure application development?

New York state's Application Security Procurement language could set off a cascade of initiatives in many states. News
New York drafts language demanding secure code

State will demand software makers certify their software does not contain the coding errors listed in the CWE/SANS Top 25 Dangerous Programming Errors. Article
Security experts identify 25 dangerous coding errors

A new list of common programming errors could give non-experts the ability to demand higher coding standards. Article
Should static analysis be a part of the software development process?

When the cost of addressing security issues increases as the software design lifecycle proceeds, see why expert Michael Cobb says that using static analysis early on can benefit your bottom line. Ask the Expert
The importance of secure software development training

At Information Security Decisions 2008, security researchers discuss secure application coding and how to teach best practices to young developers (part 4 of 4). Video
The future of exploit vulnerability research

At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC (part 1 of 4). Video
Adobe hopes to speed patch releases with more transparency

Poor communication with security researchers fuels inefficiencies, the software maker said. Article
Microsoft updates code analysis tool, SQL injection XSS library

The tools for developers help identify flaws to protect enterprise applications against SQL Injection and cross site scripting attacks. Article
How can quality assurance tools aid software development?

There are an increasing number of tools aimed at improving software quality control and assurance, and they can certainly play a role in producing higher quality software. In this expert Q&A, Michael Cobb explains why the QA products may not be worth... Ask the Expert
Metaforic crosses swords with software pirates

Company joins a number of vendors in the application hardening market with a technology that embeds protections in a program at compile time. Article

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites