-
Gary McGraw on secure software development
In this video, Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress. Article
-
HP aims at IBM with application vulnerability scanning as service
HP offers application scanning as a service to meet IBM's Watchfire AppScan OnDemand software. Interest is being driven by the growing use of Web applications. Article
-
New hacking technique exploits common NULL programming error
A researcher has discovered a new hacking technique that exploits a programming vulnerability common in many applications. Article
-
Will Cisco's plan to open access to the IOS improve network security?
If Cisco's initiative pans out, we're likely to see a number of new network management tools that integrate with IOS. Mike Chapple explains why that centralization will be a security improvement. Ask the Expert
-
Best practices for using restriction policy whitelists
Ed Skoudis discusses which systems should be considered for software restriction policy whitelists, and unveils how whitelisting can improve security. Ask the Expert
-
Application hardening tools help repel software pirates
Application hardening vendors can make life difficult for software pirates, forcing them to turn to more profitable, low-hanging fruit. Article
-
What software development practices prevent input validation attacks?
Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices. Ask the Expert
-
Former @stake researchers rekindle past, discuss Symantec spin-off
Dennis Fisher talks to early members of @stake about its history, culture and the company's continued influence on the security industry. Interview
-
Federal aid helps uncover open source flaws
A joint project with security vendor Coverity Inc. uncovered flaws in 11 open source projects, including Perl, PHP, Python, Samba and TCL. Article
-
Enterprise security in 2008: Building trust into the application development process
The Storm botnet, launched a year ago, proved that malicious hackers were developing more sophisticated botnets -- and more sophisticated business strategies. As Michael Cobb explains, it's just one reason why application security pros need to keep a... Tip