BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

Five key trends jolting software security in 2013

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure.
Why can't I just ignore internal app security threats?

Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How many revisions make for good code review?

Expert Michael Cobb details how to argue for a multistep secure code review process like the Microsoft SDL, and the pros of secure coding practices.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Google study backs browser silent auto update feature

A recent study found that manual browser updates resulted in less secure browsers. Experts say software patching needs continued improvements. Mozilla responds. Article | 08 May 2009
Secure software development starts before coding begins

Source code and binary analysis tools both play a role in secure software development, but experts say careful planning, better education and a lot of hard work are even more important. Article | 22 Apr 2009
Security budget issues to resonate at RSA Conference

Increasing pressure to cut costs coupled with new compliance demands could have CISOs looking for answers at the 2009 RSA Conference. Article | 16 Apr 2009
Twitter worm attack highlights social network flaws

A worm attack used to promote a rival social network wreaked havoc on Twitter, but also highlighted the importance of finding and repairing Web application flaws. News | 14 Apr 2009
New model supports secure software coding

In this podcast, secure coding experts Brian Chess and Sammy Migues say their new model is the first software security blueprint based on real world data and observed activities. News | 07 Apr 2009
Firms improve secure coding practices, OWASP survey finds

Boaz Gelbord, OWASP Security Spending Benchmarks Project Leader, explains the survey results. Also, Ivan Arce of Core Security talks about smartphone threats and penetration testing. News | 26 Mar 2009
More companies seek third-party Web app code review, survey finds

Companies are taking a closer look at software code to find critical vulnerabilities, according to a new survey conducted by the OWASP foundation. Article | 24 Mar 2009
Free HP SWFScan tool detects Adobe Flash flaws

SWFScan analyzes Adobe Flash to identify dozens of source code errors. Article | 23 Mar 2009
Fuzzing tool helps Oracle DBAs defend against SQL injection

A new open source fuzzing tool is available to test PL/SQL applications for security vulnerabilities. The free tool was developed by database security vendor Sentrigo. Article | 04 Feb 2009
Educators see secure coding training challenges, improvements

University-level secure coding training is improving, but hurdles remain, professors say. Article | 27 Jan 2009

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites