BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

McGraw's mobile app security strategy: Three legs of 'trusted on busted'

Struggling to define your mobile app security strategy? Gary McGraw offers a manifesto to help get infosec and app developers on the same page. Column
How to negate business logic attack risk: Improve security in the SDLC

Expert Nick Lewis details the threat posed by business logic attacks and how stressing the importance of security in the SDLC can reduce that threat. Tip
Testing, assessment methods offer third-party software security assurance

No ultimate test can give third-party software a clean bill of health, but careful assessment can help organizations gain more control over vendors. Opinion
Thirteen principles to ensure enterprise system security

Designing sound enterprise system security is possible by following Gary McGraw's 13 principles, many of which have held true for decades. Column
stack overflow

A stack overflow is an undesirable condition in which a particular computer program tries to use more memory space than the call stack has available. In programming, the call stack is a buffer that stores requests that need to be handled. Definition
Deploying DLP technology requires hands-on approach, experts say

Preventing data loss incidents involves sound policy, knowledge of the threat landscape and constant vigilance over your DLP system, experts say. News
Twelve common software security activities to lift your program

Software security expert Gary McGraw explains the processes commonly found in highly successful software security programs. Opinion
Firm pushes software security testing with fugitive tracking system

System that helps law enforcement track down fugitives was tested thoroughly to prove to CTOs and IT teams that the company is serious about security. Feature
Implement software development security best practices to support WAFs

WAFs aren't a panacea for all Web security woes. Software development security best practices are still vital. Expert Michael Cobb discusses why. Answer
mobile security (wireless security)

Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless ... Definition

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites