Software Development Methodology


This software development methodology resource center offers news and advice on using secure code to develop software without breaking it. Get information about secure software development tools, methods, systems, testing, the software development lifecycle, threat modeling, and static and source code analysis.
IN THIS TOPIC:  VIDEO (4) , NEWS (108) , EXPERT TECHNICAL ADVICE (35) , REFERENCE & LEARNING (10) , MAGAZINE CONTENT (16) , WEBCASTS (3) , DEFINITIONS (6)

  VIDEO: 1 - 3 of 4
Software security threats and employee awareness training
SearchSecurity.com | 15 Jul 2009
VIDEO - What are the newest threats to enterprise networks, and how can you subvert these emerging security threats? Greg Hoglund, CEO of HBGary and creator of the first rootkit, answers these questions.
The importance of secure software development training
SearchSecurity.com | 24 Dec 2008
VIDEO - At Information Security Decisions 2008, security researchers discuss secure application coding and how to teach best practices to young developers (part 4 of 4).
The future of exploit vulnerability research
SearchSecurity.com | 24 Dec 2008
VIDEO - At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC (part 1 of 4).

  NEWS: 1 - 3 of 108
SQL injection continues to trouble firms, lead to breaches
SearchSecurity.com | 18 Aug 2009
ARTICLE - Security experts see the secure software development lifecycle improving, but legacy applications and Web server flaws continue to offer a rich treasure trove for attackers.
Microsoft issues emergency Active Template Library updates
SearchSecurity.com | 28 Jul 2009
ARTICLE - Security updates address flaws in the Active Template Library affecting Internet Explorer and Visual Studio. An IE fix also blocks a method that allows attackers to bypass killbits.
IBM acquires Ounce Labs for source code analysis
SearchSecurity.com | 28 Jul 2009
ARTICLE - Big Blue plans to add the source code security testing vendor to its Rational software business. Financial terms were not disclosed.

  EXPERT TECHNICAL ADVICE: 1 - 3 of 35
SOFTWARE DEVELOPMENT METHODOLOGY EXPERTS
Michael Cobb, featured expert
Founder and Managing Director, Cobweb Applications Ltd.
How to detect software tampering
05 Nov 2009
TIP - In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveal how to tamperproof your software and make sure it executes as intended.
Does an EULA make it truly illegal to decompile software?
28 Aug 2009
EXPERT ANSWER - Michael Cobb explores a legal minefield: the legality of software decompilation.
Common PCI questions: Web application firewalls or source code review?
23 Apr 2009
TIP - Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options.

  REFERENCE & LEARNING: 1 - 3 of 10
Information security book excerpts and reviews
SearchSecurity.com | 19 Feb 2009
INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.
Attacks targeted to specific applications
By Dan Sullivan, Realtimepublishers | 26 Jan 2007
BOOK CHAPTER - This is the fourth tip in our series, "How to assess and mitigate information security threats".
Architectural Risk Analysis: Traditional Risk Analysis Terminology
06 Feb 2006
BOOK CHAPTER -

  MAGAZINE CONTENT (free subscription required): 1 - 3 of 16
Developers Need Help with Security Errors
Information Security Magazine | 08 Oct 2009
FEATURES - SQL injection attacks continue to plague Web applications. Companies need to invest in technology and education to hold off hackers.
Poor development practices lead to continued security problems
Information Security Magazine | 28 Nov 2008
COLUMNS - Critical systems continue to fail because security specialists haven't established themselves as valuable professionals.
Product review: Klocwork Insight 8.0
Information Security Magazine | 01 Jun 2008
HOT PICK & PRODUCT REVIEWS - SOFTWARE SECURITY

  WEBCASTS: 1 - 3 of 3
Tools for securing the software development lifecycle - Expert Webcast

PREMIERED:   30 MAR 2006, 09:00 EST (14:00, GMT)
SUMMARY:   This webcast will address the key steps of the Software Development Lifecycle, and evaluate common tools and techniques to improve the security of applications.
CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast

PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT)
SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.
Five hidden tactics for secure programming - Expert Webcast

PREMIERED:   28 SEP 2004, 12:00 EDT (16:00, GMT)
SUMMARY:   Discover the five fundamental steps of secure code development to help you cost-effectively address the root cause of the biggest security exposures in uncompiled code: design flaws.

  DEFINITIONS: 1 - 3 of 6
fuzz testing
12 Dec 2007
WORD - Fuzz testing or fuzzing is a software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system ...
Common Weakness Enumeration
27 May 2007
WORD - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software. The dictionary is maintained by the MITRE Corporation and can be accessed free on a worldwide basis. ...
threat modeling
14 Feb 2006
WORD - Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a ...

SEE ALSO - Topics Related to Software Development Methodology: 
Virtualization Security Issues and Threats, Email Protection, IM Security Issues, Risks and Tools, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Database Security Management, Application Attacks (Buffer Overflows, Cross-Site Scripting), Operating System Security, Open Source Security Tools and Applications, Secure SaaS: Cloud services and systems



All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy