BSIMM4: Secure development's measuring stick

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

  • If e-thieves want your vote, they can have it

    This week in Security Blog Log, researchers focus on flaws in Diebold's electronic voting machine. Attackers could easily exploit them to tamper with your vote, they claim.  Column | 14 Sep 2006

  • Oracle expert warns of weakness in PL/SQL

    A well-known Oracle bug hunter says the wrapping mechanism used for PL/SQL -- the flagship language used in Oracle databases -- can be unraveled, exposing sensitive data.  Article | 17 Aug 2006

  • Ruby on Rails development tool has 'serious' flaw

    Those who use the emerging Ruby on Rails open source Web application development framework are urged to switch to version 1.1.5 to fix an undisclosed security hole.  Article | 10 Aug 2006

  • Ajax threats worry researchers

    Black Hat: While it makes smooth Web applications like Google Maps possible, the rush to adopt Ajax may fuel haphazard development and a feeding frenzy among hackers.  Article | 04 Aug 2006

  • Russinovich now belongs to Microsoft

    Winternals and its well-known technical leader, Mark Russinovich, are now part of Microsoft. The software giant has acquired Winternals for an undisclosed fee.  Article | 19 Jul 2006

  • Security Bytes: Consultant cracks FBI database

    In other news, a Google Reader flaw is addressed and OpenOffice patches three security holes attackers could use to tamper with files.  Article | 06 Jul 2006

  • Microsoft's new security chief: 'We've come a long way'

    Microsoft's newest top cop plans on getting his hands dirty. Ben Fathi, recently named chief of Microsoft's Security Technology Unit, said he is ready to jump into design and development to push forward the company's security offerings.

    A corpor...  Interview | 26 Jun 2006

  • Security Blog Log: Doing good with exploit code

    This week, IT pros take note of the latest Microsoft patches and exploit code. Also, a look at why exploit code isn't always evil.  Column | 16 Jun 2006

  • Microsoft still unlocking its security identity

    Credibility, security… and Microsoft? Trustworthy Computing has improved Windows platform security, but don't expect Microsoft's security teams to put themselves out of business with credibility.  Article | 15 Jun 2006

  • Okopipi leaps in where Blue Security left off

    The new user group is building an open source P2P application that sends spammers automated "unsubscribe" messages. Some call it feasible, but others believe counterattack strategies are doomed to fail.  Article | 25 May 2006

Back to top