Email Alerts
-
Can dynamic and static verification secure a platform?
The best software testing approach is to use a combination of static and dynamic verification tools that continually check for technical and logical vulnerabilities during the development cycle. Expert Michael Cobb examines each testing procedure in ... Ask the Expert
-
Should third-party software tools be used to customize applications?
Many features and functions required for today's network-ready applications can be purchased at a fraction of the cost that it would take to build them independently. But are they safe enough? Application security expert Michael Cobb explains. Ask the Expert
-
Is a merger or acquisition in Sourcefire's future?
It's been a busy year for Sourcefire Inc. founder and Chief Technology Officer Martin Roesch, creator of the widely popular Snort open source IDS tool. In November he announced that Sourcefire had filed with the U.S. Securities and Exchange Commissio... Interview
-
The Art of Software Security Testing
Read an excerpt from the book, The Art of Software Security Testing: Identifying Software Security Flaws. In Chapter 11, "Local Fault Injection," the authors explain the proper methods for examining file formats. chapter excerpt
-
heuristics
Heuristics is the application of experience-derived knowledge to a problem and is sometimes used to describe software that screens and filters out messages likely to contain a computer virus or other undesirable content. Definition
-
Watchfire will help IBM build application security
Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend. Article
-
Should fuzzing be part of the secure software development process?
Fuzzing, a common software-testing method, should not be your only vulnerability assessment technique. In this SearchSecurity.com Q&A, Michael Cobb reviews how passing a fuzz test does not always mean that a program is bug-free. Ask the Expert
-
How to build secure applications
In this lesson, learn how to build security into the software development lifecycle, implement a practical, efficient change management system and test your applications using a black-box or white box technique. partOfGuideSeries
-
Anatomy of a zero-day: Security researchers face hurdles
Despite industry organizations bringing some order to the software testing process, security researchers say obstacles continue to slow their progress. Article
-
Internet complexity, insecurity could stifle innovation, expert says
Security threats are driving vendors to produce software and devices that automatically update and run only proprietary software with no effort from the end user. The result could be less flexibility and innovation, one expert says. Article
Security Management Strategies for the CIO