BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Security Bytes: Flaws plague Symantec, McAfee

Meanwhile: An IM worm exploits the holidays, Cisco offers workarounds for vulnerabilities in IOS and Oracle is using Forify's technology to boost security. Article
Java programming resources

Find Java-specific resources here. Ask the Expert
For Microsoft, security and trust prove elusive

Following the recent beta release of its OneCare Live security offering, Microsoft seems poised to dip its toe into the lucrative enterprise security and software services market. Despite its long history of security snafus and monthly patches, the s... Article
New algorithm promises to secure P2P content

Three cryptographers have developed a secure P2P content distribution method without creating bottlenecks, and it could prove to be a significant breakthrough in the encryption arena. Article
Sony rootkit uninstaller causes bigger threat

Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit. Article
Security Bytes: FTC cracks down on alleged spyware distributors

Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion suffers... Article
Review: Series of tools helps shore up faulty coding

Secure Software's CodeAssure Suite is for programmers, not security engineers. But developers will benefit from its findings during product development. Article
Reporter's Notebook: NYC 'controls the software industry'

At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits. Article
Powerful payloads: The evolution of exploit frameworks

Attackers have new tools to launch faster, more powerful attacks. Contributor Ed Skoudis offers up some examples, some of which are very clever and very evil. Article
Exploit code lurks following new Windows patches

Windows IT managers work to apply critical fixes before exploit code that may have Zotob-like effects can harm vulnerable systems. Article

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites