Published: 02 Sep 2014
After years of being ignored by the security silo, application security is beginning to get some respect. Tool providers have started to help developers think about secure coding earlier in the application development lifecycle by building checks and balances into integrated development environments and related tooling. In this Beyond the Page, Michael Cobb explores new tools to vet open source libraries, explains how to manage security vulnerabilities that often go undetected, such as the OpenSSL Heartbleed flaw, and helps security officers build policy awareness for IT teams responsible for internal and commercial software.
Learn how you can lower your risk by revisiting application security policy and enforcing compliance with best practices.
In this video, application security expert Michael Cobb discusses open source risks and how revised security policies can standardize development.
Developers love reusing code, whether it’s an open source library or a code snippet copied from the Internet. This expert tip looks at the best ways to secure and monitor component-driven software.
About the expert
Michael Cobb, CISSP-ISSAP, is a renowned security author with over 20 years of experience in the IT industry. He co-authored the book IIS Security and has written many technical articles for SearchSecurity.com and other leading IT publications. He was formerly a Microsoft Certified Database Manager and a registered consultant with the CESG Listed Advisor Scheme (CLAS).
Reusing open source code can present a security risk. Application security expert Michael Cobb explains why, and how to protect applications.