BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

How can gap analysis be applied to the security SDLC?

When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis into software development, and how it can help stop data leaks at your enterprise. Ask the Expert
Microsoft opens up secure development program

Microsoft is extending its Security Development Lifecycle processes to third parties. Article
Mozilla's Snyder says security pros should press vendors on security

Mozilla security chief Window Snyder says security pros should pressure their vendors to be better and more transparent about security. Article
Vista functionality still wins over security

A researcher renowned for tinkering with Active X controls tossed a pail of ice water today at Black Hat on the security-first marketing associated with Vista. News
Mozilla to release Firefox threat-modeling data

Black Hat: The Mozilla Foundation's security chief says it will soon publicly release threat-modeling data for the next version of the Firefox Web browser. Article
Gary McGraw on secure software development

Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress. Video
Security issues found in the Spring Framework

Ounce Labs recently discovered two security vulnerabilities that can affect Java Web applications that use the Spring Framework. News
Software still plagued with security holes, researcher says

In this podcast, noted security researcher Greg Hoglund, who specializes in Windows rootkits and secure coding, explains why software is just as vulnerable today as it was in 1999. Article
Microsoft tools won't be quick fix for SQL injection attacks

Microsoft's security advisory will help raise awareness about secure software coding, but it won't stop the onslaught of SQL injection attacks, experts say. Article
Which automated quality assurance tools can be used to test software?

If your application development process is not yet addressing security at all six phases of the lifecycle, now is the time to start. Application security expert Michael Cobb explains which quality assurance tools can help. Ask the Expert

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites