BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

At Adobe, secure software development program demands 'ninja' tactics

Video: Adobe CSO Brad Arkin explains how his firm fosters secure software development by inspiring developers to become security 'ninjas.' Video
Kandek: Most secure Web browser may be one with fewest plug-ins

Video: Qualys CTO Wolfgang Kandek said plug-ins now affect Web browser security more than the browsers themselves. Video
Marcus Ranum: Q&A with clean-slate pioneer Peter G. Neumann

Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with clean-slate luminary Peter G. Neumann of SRI International and formerly Bell Labs. Column
Editor’s desk: A chat with Peter G. Neumann

Peter G. Neumann shares his thoughts on the inherent complexity of trustworthiness and the evolutionary promise of clean-slate architectures. Feature
Use the Android static analysis tool Dexter to safely deploy apps

Video: Keith Barker of CBT Nuggets demos Dexter, the Android static analysis tool that examines and securely deploys Android applications. Screencast
Software security podcast library

SearchSecurity.com is pleased to partner with Gary McGraw to feature his monthly Silver Bullet software security podcasts, which discuss best practices in software security. Podcast
Remediation planning for Ruby on Rails security vulnerabilities

The recent Ruby on Rails security vulnerabilities can be patched. Expert Michael Cobb discusses the fallout and offers help with remediation planning. Tip
McGraw: Use VBSIMM software security model when buying software

Video: Gary McGraw explains how JPMorgan Chase and others use the VBSIMM security model to vet software purchased from third-party vendors. Video
How to develop cloud applications based on Web app security lessons

Expert Dave Shackleford details how to build cloud applications based on typical Web app security flaws and cloud provider tools and platforms. Tip
Security transitions: Changes that make a difference

This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go. Opinion

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites