Security Management Strategies for the CIO
Email Alerts
-
Citigroup attack highlights insufficient authorization error
Citigroup hackers used a common website vulnerability to bypass security controls and reap confidential banking data. News | 14 Jun 2011
-
Cigital acquires Consciere, brings in security vets
Software security consultancy Cigital has acquired Consciere, bringing in security veterans Joel Scambray and Kevin Rich. News | 07 Jun 2011
-
Software remediation can get caught in organizational issues
Running an application security program requires more than a solid budget. It needs a person with deep knowledge of the organization and its engineering processes. News | 26 Apr 2011
-
Eye On: Secure Software Development
This special report explores software security: reducing vulnerabilities and improving development processes. Article | 21 Apr 2011
-
Security pros find software code security improvements, weigh next step
Secure coding practices are improving at many software vendors, fueled by an increased emphasis on secure coding frameworks, training and new processes. News | 21 Apr 2011
-
Microsoft cites software security progress despite sluggish ASLR support
Microsoft's 2010 SDL progress report praised the software security program's steady progress, but points out room for further improvements. Article | 30 Mar 2011
-
Industry groups, businesses attempt security awareness training plan
Security training and education is one of the first investments made by an organizations after poor audit results or a data breach, experts say. Article | 14 Mar 2011
-
Sandboxing technology bolsters security, but it has weaknesses, expert says
Adobe Systems, Google, Microsoft and others are deploying applications that use sandboxing technology to defend against potential attacks, but savvy hackers know how to bypass it. Interview | 18 Jan 2011
-
Microsoft releases Attack Surface Analyzer to developers
The newly released tool helps developers identify whether newly installed applications change the attack surface of Microsoft Windows. Article | 18 Jan 2011
-
Google extends bounty program for Web application bugs
People who report serious Web application flaws in YouTube and Blogger could receive a reward as much as $3,133.70. Article | 02 Nov 2010