BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Vista functionality still wins over security

A researcher renowned for tinkering with Active X controls tossed a pail of ice water today at Black Hat on the security-first marketing associated with Vista. News
Mozilla to release Firefox threat-modeling data

Black Hat: The Mozilla Foundation's security chief says it will soon publicly release threat-modeling data for the next version of the Firefox Web browser. Article
Gary McGraw on secure software development

Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress. Video
Security issues found in the Spring Framework

Ounce Labs recently discovered two security vulnerabilities that can affect Java Web applications that use the Spring Framework. News
Software still plagued with security holes, researcher says

In this podcast, noted security researcher Greg Hoglund, who specializes in Windows rootkits and secure coding, explains why software is just as vulnerable today as it was in 1999. Article
Microsoft tools won't be quick fix for SQL injection attacks

Microsoft's security advisory will help raise awareness about secure software coding, but it won't stop the onslaught of SQL injection attacks, experts say. Article
Which automated quality assurance tools can be used to test software?

If your application development process is not yet addressing security at all six phases of the lifecycle, now is the time to start. Application security expert Michael Cobb explains which quality assurance tools can help. Ask the Expert
Gary McGraw on secure software development

In this video, Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress. Article
HP aims at IBM with application vulnerability scanning as service

HP offers application scanning as a service to meet IBM's Watchfire AppScan OnDemand software. Interest is being driven by the growing use of Web applications. Article
New hacking technique exploits common NULL programming error

A researcher has discovered a new hacking technique that exploits a programming vulnerability common in many applications. Article

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites