OWASP Security Spending Benchmarks Project

OWASP Security Spending Benchmarks Project

OWASP Security Spending Benchmarks Project

Date: Mar 27, 2009
An ongoing OWASP project investigates company spending on software development. Boaz Gelbord, executive director of information security at Wireless Generation Inc., organized the report with Jeremiah Grossman, chief technology officer of WhiteHat Security Inc. In this video, Gelbord explains some of the survey findings. A majority of companies surveyed are getting an independent third-party security review of software code, Gelbord said. He was interviewed at SecureWorld Boston Expo 2009 by SearchSecurity.com News Editor, Robert Westervelt.

More on Security Resources

  • canderson

    Adobe: Increasing transparency and the secure product lifecycle

    VIDEO - Brad Arkin discusses why Adobe created his role, how it engages the security research community and how Adobe has learned that talking about security isn't a bad thing.
  • canderson

    201 CMR 17 compliance: What you need to know

    VIDEO - The new Massachusetts data protection law, 201 CMR 17, is known as one of the most stringent laws of its kind. In this interview, David Navetta of the Information Law Group discusses how enterprises should approach compliance with this law.
  • PKI (public key infrastructure)

    Definition - A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party.
  • Pretty Good Privacy (PGP)

    Definition - Pretty Good Privacy or PGP is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.
  • firewall

    Definition - A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules.
  • social engineering

    Definition - Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.
  • Advanced Encryption Standard (AES)

    Definition - The Advanced Encryption Standard or AES is a symmetric block cipher used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: