BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Should states lead charge for secure application development?

New York state's Application Security Procurement language could set off a cascade of initiatives in many states. News | 16 Jan 2009
New York drafts language demanding secure code

State will demand software makers certify their software does not contain the coding errors listed in the CWE/SANS Top 25 Dangerous Programming Errors. Article | 14 Jan 2009
Security experts identify 25 dangerous coding errors

A new list of common programming errors could give non-experts the ability to demand higher coding standards. Article | 12 Jan 2009
Adobe hopes to speed patch releases with more transparency

Poor communication with security researchers fuels inefficiencies, the software maker said. Article | 17 Dec 2008
Microsoft updates code analysis tool, SQL injection XSS library

The tools for developers help identify flaws to protect enterprise applications against SQL Injection and cross site scripting attacks. Article | 16 Dec 2008
Metaforic crosses swords with software pirates

Company joins a number of vendors in the application hardening market with a technology that embeds protections in a program at compile time. Article | 29 Oct 2008
Microsoft opens up secure development program

Microsoft is extending its Security Development Lifecycle processes to third parties. Article | 19 Sep 2008
Mozilla's Snyder says security pros should press vendors on security

Mozilla security chief Window Snyder says security pros should pressure their vendors to be better and more transparent about security. Article | 16 Sep 2008
Vista functionality still wins over security

A researcher renowned for tinkering with Active X controls tossed a pail of ice water today at Black Hat on the security-first marketing associated with Vista. News | 07 Aug 2008
Mozilla to release Firefox threat-modeling data

Black Hat: The Mozilla Foundation's security chief says it will soon publicly release threat-modeling data for the next version of the Firefox Web browser. Article | 06 Aug 2008

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites