BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Software remediation can get caught in organizational issues

Running an application security program requires more than a solid budget. It needs a person with deep knowledge of the organization and its engineering processes. News
UTM features: Is a UTM device right for your layered defense?

Expert Mike Chapple explores what features a contemporary UTM device provides, and explains the factors that help determine UTM total cost of ownership. Tip
Marcus Ranum on the consequences of poor software design

Marcus Ranum discusses the consequences of poor software design and what can be done to ensure this does not happen in the future. Video
Eye On: Secure Software Development

This special report explores software security: reducing vulnerabilities and improving development processes. Article
Security pros find software code security improvements, weigh next step

Secure coding practices are improving at many software vendors, fueled by an increased emphasis on secure coding frameworks, training and new processes. News
Secure software development: Getting started

Chris Eng, senior security researcher at Veracode Inc., explains how firms can get started improving their software development processes. Video
Microsoft cites software security progress despite sluggish ASLR support

Microsoft's 2010 SDL progress report praised the software security program's steady progress, but points out room for further improvements. Article
Common Weakness Enumeration (CWE)

Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued) Definition
Industry groups, businesses attempt security awareness training plan

Security training and education is one of the first investments made by an organizations after poor audit results or a data breach, experts say. Article
Can threat modeling tools help with securing mobile applications?

When developing enterprise applications, do you know the quickest way to bridge the gap between an information security team and a development group? Answer

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites