BSIMM4: Secure development's measuring stick

BSIMM4: Secure development's measuring stick

The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.
MORE HIGHLIGHTS

How enterprises should react to OWASP's updated Top 10

Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Opinion: Attack those software architecture flaws

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.
How to reduce open source code security risk

Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.

Software Development Methodology

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Opinion: Software [in]security -- software flaws in application architecture

Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws. Opinion
Five major technology trends affecting software security assurance

Column: Gary McGraw says five shifts in the IT landscape are affecting software security, but several BSIMM best practices can limit risk exposure. Opinion
McGraw: Financial services develop a proactive posture

The idea behind proactive security is simple: build security in the first time by following security models like BSIMM and security engineering. Column
Marcus Ranum: Q&A with clean-slate pioneer Peter G. Neumann

Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with clean-slate luminary Peter G. Neumann of SRI International and formerly Bell Labs. Column
Security transitions: Changes that make a difference

This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go. Opinion
McGraw's mobile app security strategy: Three legs of 'trusted on busted'

Struggling to define your mobile app security strategy? Gary McGraw offers a manifesto to help get infosec and app developers on the same page. Column
Testing, assessment methods offer third-party software security assurance

No ultimate test can give third-party software a clean bill of health, but careful assessment can help organizations gain more control over vendors. Opinion
Thirteen principles to ensure enterprise system security

Designing sound enterprise system security is possible by following Gary McGraw's 13 principles, many of which have held true for decades. Column
Congress should encourage bug fixes, reward secure systems

Cybersecurity policy should encourage bug fixes instead of simply recording and reporting attacks, software security expert Gary McGraw explains. Opinion
Gary McGraw: Eliminating badware addresses malware problem

Bad software and malicious software are two different issues that are easily confused, says software security expert Gary McGraw. Opinion

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

MORE HIGHLIGHTS

Software Development Methodology

Email Alerts

More from Related TechTarget Sites