OWASP Security Spending Benchmarks Project

OWASP Security Spending Benchmarks Project

Date: Mar 27, 2009
An ongoing OWASP project investigates company spending on software development. Boaz Gelbord, executive director of information security at Wireless Generation Inc., organized the report with Jeremiah Grossman, chief technology officer of WhiteHat Security Inc. In this video, Gelbord explains some of the survey findings. A majority of companies surveyed are getting an independent third-party security review of software code, Gelbord said. He was interviewed at SecureWorld Boston Expo 2009 by SearchSecurity.com News Editor, Robert Westervelt.

More on Security Resources

  • canderson

    Adobe: Increasing transparency and the secure product lifecycle

    VIDEO - Brad Arkin discusses why Adobe created his role, how it engages the security research community and how Adobe has learned that talking about security isn't a bad thing.
  • canderson

    201 CMR 17 compliance: What you need to know

    VIDEO - The new Massachusetts data protection law, 201 CMR 17, is known as one of the most stringent laws of its kind. In this interview, David Navetta of the Information Law Group discusses how enterprises should approach compliance with this law.
  • multifactor authentication (MFA)

    Definition - Multifactor authentication (MFA) is a security system that requires more than one form of authentication to verify the legitimacy of a transaction. MFA combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification).
  • SYN flood (half open attack)

    Definition - SYN flooding is a method that the user of a hostile client program can use to conduct a denial-of-service (DoS) attack on a computer server.
  • digital certificate

    Definition - A digital certificate is an electronic "passport" that allows a person, computer or organization to exchange information securely over the Internet using the public key infrastructure (PKI). A digital certificate may also be referred to as a public key certificate.

    Definition - COBIT  is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.
  • computer forensics (cyber forensics)

    Definition - Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: