BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Dos and don'ts: Ensuring apps security from the get-go

Closing the gap between developers and users is the first step toward making sure applications are secure. Article | 24 Aug 2005
ISD 2005: Taking the guesswork out of information security

To gain a better handle on vulnerable networks, enterprises should base security decisions on data and not folklore. Article | 12 May 2005
SANS: Security software, media players increasingly vulnerable

More than 600 new Internet vulnerabilities surfaced in the first quarter of 2005. More cracks are showing in security software and media players. Article | 02 May 2005
Breaking software easier than you think

Whether you create applications or just use them, one way to make a system more secure is to understand how it's being exploited. Article | 14 Apr 2005
Software secured with CLASP

New guidelines to bake security into the early stages of software development come just as teams feel the squeeze. Article | 12 Apr 2005
Winning the cyber arms race in the classroom

In the struggle for cybersecurity, Lenny Zeltser's most important weapons are the classroom and the pen.
For the past few years he has taught part-time at the SANS Institute, creating a course on how to analyze malicious software,. He's al... Interview | 14 Mar 2005

Vendor liability: A pointless argument?

The war of whether vendors should be held liable for defects in their software will rage on at RSA. The debate, however, comes a decade too late. Column | 02 Feb 2005

Microsoft to keep governments in the security loop

Redmond launches a program to keep governments informed when it's dealing with security problems. Article | 02 Feb 2005

You can prevent buffer-overflow attacks

Home-grown apps are susceptible to buffer overflows as are Windows and Linux apps; the conclusion of this two-part series will detail how to protect applications from attack. Article | 31 Jan 2005

Buffer-overflow attacks: How do they work?

Home-grown apps are susceptible to buffer overflows as are Windows and Linux apps; part one of this two-part series shows how hackers can take control of your programs. Article | 31 Jan 2005

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

Back to top

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites