BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Gary McGraw: Build security in from start

If the field of computer security is to be fixed, the only hope we have is building security in, says software security expert Gary McGraw. News | 09 Apr 2012
Nothing funny about SCADA and ICS security

A researcher calls the state of industrial control system security “laughable” and warns of the consequences of unpatched critical infrastructure that is reachable over the Internet. News | 06 Feb 2012
Microsoft emergency update to address hash collision attacks

A critical update affects all versions of Microsoft .NET Framework and other programming languages. The vulnerability could allow denial-of-service attacks. News | 29 Dec 2011
Cybersecurity career experts: Mobile app security skills hot in 2012

The increase in smartphones and other mobile devices has fueled demand for IT security pros with mobile app security and networking skills, say several cybersecurity career experts. News | 28 Dec 2011
Android app security: Study finds mobile developers creating flawed Android apps

A study of enterprise applications designed for Android devices found over 40% of Android applications contain hard-coded cryptographic keys, a practice that weakens Android app security. News | 08 Dec 2011
Adobe Flex update patches flaw in Flex application development framework

A coding error in the Adobe Flex SDK could cause developers to create applications with cross-site scripting issues, according to an advisory issued by Adobe Systems. News | 01 Dec 2011
HTML 5 security issues pose challenges for enterprises, experts say

While the Adobe Flash replacement packages browser data more efficiently, HTML 5 security issues present holes that could be targeted by attackers. News | 30 Nov 2011
Web application risks exacerbated by social media ties, says ISACA

Asynchronous JavaScript Technology, XML, Flash and HTML 5 enable a rich Web experience, but also give attackers an alarming number of ways to penetrate corporate networks. News | 26 Oct 2011
Cigital BSIMM 3 study provides software security metrics data

The third iteration of the widely acclaimed Building Security in Maturity Model documents software security initiatives at 42 enterprises. News | 27 Sep 2011
Measurement first among secure software development benchmarks

One expert says before implementing secure software development benchmarks, take stock of the security of existing applications. News | 20 Sep 2011

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites