PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
September 2014 Vol. 16 / No. 7

Application security policy after Heartbleed

Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of third-party libraries and components in projects. How do security teams go about documenting code to ensure it's up-to-date, patched and still secure? How can information security professionals enforce development best practices and compliance with application security policy across the enterprise? Michael Cobb looks at the risks of open source software and how to manage them, in this month's cover story. Robert Richardson also writes about the dangers of open source software and explains why he thinks community-driven audits such as the TrueCrypt project are a great place to start, but may not go far enough. The state of encryption and how key management may present a barrier to wider adoption is explored by technology journalist Rob Lemos.

Features in this issue

Columns in this issue

More PRO+ Content

View All