BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Microsoft still unlocking its security identity

Credibility, security… and Microsoft? Trustworthy Computing has improved Windows platform security, but don't expect Microsoft's security teams to put themselves out of business with credibility. Article
Okopipi leaps in where Blue Security left off

The new user group is building an open source P2P application that sends spammers automated "unsubscribe" messages. Some call it feasible, but others believe counterattack strategies are doomed to fail. Article
Security Bytes: Fix available for RealVNC flaw

In other news, changes may be coming for the Payment Card Industry (PCI) data security standard and Diebold will address security risks in its voting machines. Article
Oracle refuses to learn its lesson, experts say

Oracle critics say the database giant sits on known flaws for too long, leaving its applications open to attack. Is it time for infosec pros to extract Oracle products? Article
Fresh Bagels offer baked-in rootkits

The prolific worm's latest variants now sport rootkit functionality; one AV firm says most malware may soon include rootkits because attackers won't be able to resist the ROI. Article
Checklist: Ten dos and don'ts for secure coding

Download this checklist of dos and don'ts for developing secure code. Checklist
Ten dos and don'ts for secure coding

Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement and support for improvement must be a fundamental pa... Tip
Scientists band together for TRUST-worthy research

A group of the nation's top computer scientists and colleges are teaming up to find better ways to protect computing systems from cyberattacks. Article
IBM and friends tout open source ID management

Big Blue is teaming up with Novell and others on Project Higgins, an open source project to simplify and secure Internet ID management. Article
RSA Reporter's Notebook: Time to outlaw rootkits?

A Homeland Security official says rootkits need to go; how your best employees are leaking confidential data; and the end of perimeter security, for better or worse. Article

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites