OWASP Security Spending Benchmarks Project

OWASP Security Spending Benchmarks Project

Date: Mar 27, 2009
An ongoing OWASP project investigates company spending on software development. Boaz Gelbord, executive director of information security at Wireless Generation Inc., organized the report with Jeremiah Grossman, chief technology officer of WhiteHat Security Inc. In this video, Gelbord explains some of the survey findings. A majority of companies surveyed are getting an independent third-party security review of software code, Gelbord said. He was interviewed at SecureWorld Boston Expo 2009 by SearchSecurity.com News Editor, Robert Westervelt.

More on Security Resources

  • canderson

    Adobe: Increasing transparency and the secure product lifecycle

    VIDEO - Brad Arkin discusses why Adobe created his role, how it engages the security research community and how Adobe has learned that talking about security isn't a bad thing.
  • canderson

    201 CMR 17 compliance: What you need to know

    VIDEO - The new Massachusetts data protection law, 201 CMR 17, is known as one of the most stringent laws of its kind. In this interview, David Navetta of the Information Law Group discusses how enterprises should approach compliance with this law.
  • firewall

    Definition - A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules.
  • social engineering

    Definition - Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.
  • Advanced Encryption Standard (AES)

    Definition - The Advanced Encryption Standard or AES is a symmetric block cipher used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.
  • ethical hacker

    Definition - An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.
  • Data Encryption Standard (DES)

    Definition - The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: