BSIMM4: Secure development's measuring stick

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

  • CA backup bug exploitable on Vista

    In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's new...  Article

  • Developing an application security mind-set

    Baking security into applications can be a difficult process, but experts believe developing an application security mind-set can help create more secure software systems.  Article

  • Attacks targeted to specific applications

    This is the fourth tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage," pu...  Book Chapter

  • Microsoft releases Vista APIs to security vendors

    Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems.  Article

  • PING with Aviel Rubin

    In this exclusive interview with Information Security magazine, Aviel Rubin, author of "Brave New Ballot" examines security problems in e-voting machines, and details why isn't just a cause for concern, it's a matter of national security.  Information Security maga

  • Podcast: Expert sees rise in sophisticated attacks

    In this edition of Security Wire Weekly, Andreas Wiegenstein, chief technology officer of Virtual Forge discusses why application security attacks are becomming more sophisticated.  Article

  • Secure voting: Source code analysis tool key to absentee ballot system

    PostX turned to the Fortify Source Code Analysis tool for help developing an absentee ballot request system for the U.S. Armed Forces. The system allows deployed military personnel to securely request and receive absentee ballot packages via the Web ...  Article

  • Microsoft to fold security into Windows division

    The software giant said the move would make future Windows development efforts more efficient. The changes take effect after Microsoft releases Vista.  Article

  • Security Blog Log: Taking Google Code Search for a spin

    This week, the blogosphere is buzzing about Google Code Search. Despite concerns that the tool will aid attackers, some see it as a boost for security.  Column

  • Google Code Search gives security experts a sinking feeling

    The new search tool from Google can help developers find useful code examples. But security experts worry that it also will make attackers' jobs that much easier.  Article

Back to top