Security Management Strategies for the CIO
Email Alerts
-
CA backup bug exploitable on Vista
In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's new... Article | 06 Feb 2007
-
Developing an application security mind-set
Baking security into applications can be a difficult process, but experts believe developing an application security mind-set can help create more secure software systems. Article | 05 Feb 2007
-
Microsoft releases Vista APIs to security vendors
Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems. Article | 20 Dec 2006
-
Podcast: Expert sees rise in sophisticated attacks
In this edition of Security Wire Weekly, Andreas Wiegenstein, chief technology officer of Virtual Forge discusses why application security attacks are becomming more sophisticated. Article | 30 Oct 2006
-
Secure voting: Source code analysis tool key to absentee ballot system
PostX turned to the Fortify Source Code Analysis tool for help developing an absentee ballot request system for the U.S. Armed Forces. The system allows deployed military personnel to securely request and receive absentee ballot packages via the Web ... Article | 17 Oct 2006
-
Security Blog Log: Taking Google Code Search for a spin
This week, the blogosphere is buzzing about Google Code Search. Despite concerns that the tool will aid attackers, some see it as a boost for security. Column | 13 Oct 2006
-
Microsoft to fold security into Windows division
The software giant said the move would make future Windows development efforts more efficient. The changes take effect after Microsoft releases Vista. Article | 13 Oct 2006
-
Google Code Search gives security experts a sinking feeling
The new search tool from Google can help developers find useful code examples. But security experts worry that it also will make attackers' jobs that much easier. Article | 11 Oct 2006
-
Code-scanning tool automates software review at financial firm
An investment advisory company uses Fortify's Source Code Analysis code-scanning tool to help catch flaws and enhance its security in-depth approach. Article | 11 Oct 2006
-
Microsoft delivers 10 patches and tool update
Updated: Microsoft released six critical patches and updated a software tool Tuesday, but a technical problem prevented the company from pushing the fixes out via its automated tools. Article | 10 Oct 2006