Software Development Methodology
Home > Security Topics > Application and Platform Security > Software Development Methodology
Security Topics:
EMAIL THIS
 TOPICS HOME   BROWSE ALL SECURITY TOPICS   SECURITY INFO CENTERS   RESOURCE CENTERS     RSS FEEDS 

Software Development Methodology


This software development methodology resource center offers news and advice on using secure code to develop software without breaking it. Get information about secure software development tools, methods, systems, testing, the software development lifecycle, threat modeling, and static and source code analysis.
IN THIS TOPIC:  VIDEO (3) , NEWS (104) , EXPERT TECHNICAL ADVICE (33) , REFERENCE & LEARNING (10) , MAGAZINE CONTENT (15) , WEBCASTS (3) , DEFINITIONS (6)

  VIDEO: 1 - 3 of 3
The importance of secure software development training
SearchSecurity.com | 24 Dec 2008
VIDEO - At Information Security Decisions 2008, security researchers discuss secure application coding and how to teach best practices to young developers (part 4 of 4).
The future of exploit vulnerability research
SearchSecurity.com | 24 Dec 2008
VIDEO - At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC (part 1 of 4).
Gary McGraw on secure software development
SearchSecurity.com | 29 Jul 2008
VIDEO - Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress.
VIEW ALL VIDEO ON SOFTWARE DEVELOPMENT METHODOLOGY

  NEWS: 1 - 3 of 104
nCircle statistics show rising Web application vulnerabilities
SearchSecurity.com | 02 Jul 2009
ARTICLE - The number of Web application vulnerabilities detected by the vendor is on track to exceed 2008, according to the latest statistics.
Juniper pulls ATM hacking presentation from Black Hat
SearchSecurity.com | 30 Jun 2009
ARTICLE - Researcher planned to demonstrate a hacking technique targeting the underlying software of a new ATM.
Software Piracy pandemic needs government role, better vendor antipiracy plans
SearchSecurity.com | 05.18.2009
OPINION - Software vendors need better antipiracy plans, but they have to strike a balance to avoid alienating customers and rising support headaches.
VIEW ALL NEWS ON SOFTWARE DEVELOPMENT METHODOLOGY

  EXPERT TECHNICAL ADVICE: 1 - 3 of 33
SOFTWARE DEVELOPMENT METHODOLOGY EXPERTS
Michael Cobb, featured expert
Founder and Managing Director, Cobweb Applications Ltd.
ASK A QUESTION
Common PCI questions: Web application firewalls or source code review?
23 Apr 2009
TIP - Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options.
Should static analysis be a part of the software development process?
08 Jan 2009
EXPERT ANSWER - When the cost of addressing security issues increases as the software design lifecycle proceeds, see why expert Michael Cobb says that using static analysis early on can benefit your bottom line.
How can quality assurance tools aid software development?
24 Nov 2008
EXPERT ANSWER - There are an increasing number of tools aimed at improving software quality control and assurance, and they can certainly play a role in producing higher quality software. In this expert Q&A, Michael Cobb explains why the QA ...
VIEW ALL EXPERT TECHNICAL ADVICE ON SOFTWARE DEVELOPMENT METHODOLOGY

  REFERENCE & LEARNING: 1 - 3 of 10
Information security book excerpts and reviews
SearchSecurity.com | 19 Feb 2009
INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.
Attacks targeted to specific applications
By Dan Sullivan, Realtimepublishers | 26 Jan 2007
BOOK CHAPTER - This is the fourth tip in our series, "How to assess and mitigate information security threats".
Architectural Risk Analysis: Traditional Risk Analysis Terminology
06 Feb 2006
BOOK CHAPTER -
VIEW ALL REFERENCE & LEARNING ON SOFTWARE DEVELOPMENT METHODOLOGY

  MAGAZINE CONTENT (free subscription required): 1 - 3 of 15
Poor development practices lead to continued security problems
Information Security Magazine | 28 Nov 2008
COLUMNS - Critical systems continue to fail because security specialists haven't established themselves as valuable professionals.
Product review: Klocwork Insight 8.0
Information Security Magazine | 01 Jun 2008
HOT PICK & PRODUCT REVIEWS - SOFTWARE SECURITY
Product review: Mu-4000 Security Analyzer
Information Security Magazine | 01 Jun 2008
HOT PICK & PRODUCT REVIEWS - SYSTEM/DEVICE TESTING
VIEW ALL MAGAZINE CONTENT ON SOFTWARE DEVELOPMENT METHODOLOGY

  WEBCASTS: 1 - 3 of 3
Tools for securing the software development lifecycle - Expert Webcast

VIEW WEBCAST
PREMIERED:   30 MAR 2006, 09:00 EST (14:00, GMT)
SUMMARY:   This webcast will address the key steps of the Software Development Lifecycle, and evaluate common tools and techniques to improve the security of applications.
CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast

VIEW WEBCAST
PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT)
SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.
Five hidden tactics for secure programming - Expert Webcast

VIEW WEBCAST
PREMIERED:   28 SEP 2004, 12:00 EDT (16:00, GMT)
SUMMARY:   Discover the five fundamental steps of secure code development to help you cost-effectively address the root cause of the biggest security exposures in uncompiled code: design flaws.
VIEW ALL WEBCASTS ON SOFTWARE DEVELOPMENT METHODOLOGY

  DEFINITIONS: 1 - 3 of 6
fuzz testing
12 Dec 2007
WORD - Fuzz testing or fuzzing is a software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data, called fuzz, to the system ...
Common Weakness Enumeration
27 May 2007
WORD - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software. The dictionary is maintained by the MITRE Corporation and can be accessed free on a worldwide basis. ...
threat modeling
14 Feb 2006
WORD - Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. In this context, a ...
VIEW ALL DEFINITIONS ON SOFTWARE DEVELOPMENT METHODOLOGY

SEE ALSO - Topics Related to Software Development Methodology: 
Open Source Security Tools and Applications, Virtualization Security Issues and Threats, Email Protection, IM Security Issues, Risks and Tools, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Database Security Management, Application Attacks (Buffer Overflows, Cross-Site Scripting), Operating System Security, Secure SaaS: Cloud services and systems



Find the Right Software Development Methodology Solution
Software Development Methodology Solutions for Resellers

TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts