BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Firm pushes software security testing with fugitive tracking system

System that helps law enforcement track down fugitives was tested thoroughly to prove to CTOs and IT teams that the company is serious about security. Feature
Implement software development security best practices to support WAFs

WAFs aren't a panacea for all Web security woes. Software development security best practices are still vital. Expert Michael Cobb discusses why. Answer
mobile security (wireless security)

Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless ... Definition
Enterprises at core of vendor software security testing, Veracode finds

Less than one in five enterprises have requested code-level security tests from at least one vendor, but the volume of assessments is growing. News
Gary McGraw: Proactive defense prudent alternative to cyberwarfare

Software security expert Gary McGraw explains that the U.S. should build proactive defense capabilities rather than pour billions into cyberweapons. News
Debating international cyberespionage, poor secure coding practices

Corey Schou explains why cyberespionage and corporate intelligence are linked; also, why attackers aren't to blame for insecure coding practices. Video
Web app design at the core of coding weaknesses, attacks, says expert

When addressing Web application threats and vulnerabilities, security teams need to look out for design flaws, says Mike Shema of Qualys, Inc. News
Ten commandments for software security

Software security expert Gary McGraw provides actionable guidance based on analysis of dozens of software security firms. Opinion
Replace technical debt-laden Adobe Reader with alternative PDF readers

Adobe Reader's technical debt may pose too great a security risk for some enterprises. Security expert Nick Lewis advises turning to alternative PDF readers. Answer
Firms failing at mobile application development security, study finds

Security is failing to gain a priority in the rush to build and test mobile applications, according to a study by Capgemini. News

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites