Software Development Methodology

VIDEO: 1 - 3 of 4

	Software security threats and employee awareness training SearchSecurity.com | 15 Jul 2009 VIDEO - What are the newest threats to enterprise networks, and how can you subvert these emerging security threats? Greg Hoglund, CEO of HBGary and creator of the first rootkit, answers these questions.

	The importance of secure software development training SearchSecurity.com | 24 Dec 2008 VIDEO - At Information Security Decisions 2008, security researchers discuss secure application coding and how to teach best practices to young developers (part 4 of 4).

	The future of exploit vulnerability research SearchSecurity.com | 24 Dec 2008 VIDEO - At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC (part 1 of 4).

	VIEW ALL VIDEO ON SOFTWARE DEVELOPMENT METHODOLOGY

NEWS: 1 - 3 of 109

	Software piracy group offers cash to whistleblowers SearchSecurity.com | 03 Dec 2009 ARTICLE - An industry group made up of software companies is offering workers in the U.K. more than $30,000 to blow the whistle on pirated software in their workplace.

	SQL injection continues to trouble firms, lead to breaches SearchSecurity.com | 18 Aug 2009 ARTICLE - Security experts see the secure software development lifecycle improving, but legacy applications and Web server flaws continue to offer a rich treasure trove for attackers.

	Microsoft issues emergency Active Template Library updates SearchSecurity.com | 28 Jul 2009 ARTICLE - Security updates address flaws the Active Template Library affecting Internet Explorer and Visual Studio. An IE fix also blocks a method that allows attackers to bypass killbits.

	VIEW ALL NEWS ON SOFTWARE DEVELOPMENT METHODOLOGY

EXPERT TECHNICAL ADVICE: 1 - 3 of 35

SOFTWARE DEVELOPMENT METHODOLOGY EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	How to detect software tampering 05 Nov 2009 TIP - In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended.

	Does an EULA make it truly illegal to decompile software? 28 Aug 2009 EXPERT ANSWER - Michael Cobb explores a legal minefield: the legality of software decompilation.

	Common PCI questions: Web application firewalls or source code review? 23 Apr 2009 TIP - Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SOFTWARE DEVELOPMENT METHODOLOGY

REFERENCE & LEARNING: 1 - 3 of 11

	Information security book excerpts and reviews SearchSecurity.com | 07 Dec 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Quiz: How to build secure applications SearchSecurity.com | 19 Nov 2009 QUIZ - Use this five-question quiz to test your knowledge of how to secure your enterprise apps.

	Attacks targeted to specific applications By Dan Sullivan, Realtimepublishers | 26 Jan 2007 BOOK CHAPTER - This is the fourth tip in our series, "How to assess and mitigate information security threats".

	VIEW ALL REFERENCE & LEARNING ON SOFTWARE DEVELOPMENT METHODOLOGY

MAGAZINE CONTENT (free subscription required): 1 - 3 of 16

	Developers Need Help with Security Errors Information Security Magazine | 08 Oct 2009 FEATURES - SQL injection attacks continue to plague Web applications. Companies need to invest in technology and education to hold off hackers.

	Poor development practices lead to continued security problems Information Security Magazine | 28 Nov 2008 COLUMNS - Critical systems continue to fail because security specialists haven't established themselves as valuable professionals.

	Product review: Klocwork Insight 8.0 Information Security Magazine | 01 Jun 2008 HOT PICK & PRODUCT REVIEWS - SOFTWARE SECURITY

	VIEW ALL MAGAZINE CONTENT ON SOFTWARE DEVELOPMENT METHODOLOGY

WEBCASTS: 1 - 3 of 3

	Tools for securing the software development lifecycle - Expert Webcast VIEW WEBCAST PREMIERED:   30 MAR 2006, 09:00 EST (14:00, GMT) SUMMARY:   This webcast will address the key steps of the Software Development Lifecycle, and evaluate common tools and techniques to improve the security of applications.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast VIEW WEBCAST PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT) SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.

	Five hidden tactics for secure programming - Expert Webcast VIEW WEBCAST PREMIERED:   28 SEP 2004, 12:00 EDT (16:00, GMT) SUMMARY:   Discover the five fundamental steps of secure code development to help you cost-effectively address the root cause of the biggest security exposures in uncompiled code: design flaws.

	VIEW ALL WEBCASTS ON SOFTWARE DEVELOPMENT METHODOLOGY

DEFINITIONS: 1 - 3 of 6

	fuzz testing 12 Dec 2007 WORD - Fuzz testing or fuzzing is a software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system ...

	Common Weakness Enumeration 27 May 2007 WORD - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software. The dictionary is maintained by the MITRE Corporation and can be accessed free on a worldwide basis. ...

	threat modeling 14 Feb 2006 WORD - Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a ...

	VIEW ALL DEFINITIONS ON SOFTWARE DEVELOPMENT METHODOLOGY

SEE ALSO - Topics Related to Software Development Methodology:  Virtualization Security Issues and Threats, Email Protection, IM Security Issues, Risks and Tools, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Database Security Management, Application Attacks (Buffer Overflows, Cross-Site Scripting), Operating System Security, Open Source Security Tools and Applications, Secure SaaS: Cloud services and systems