Information Security

Defending the digital infrastructure



Beyond the Page: Application security in the age of open source

This Beyond the Page feature explores some new tools for security pros to vet open source libraries and manage security vulnerabilities.

After years of being ignored by the security silo, application security is beginning to get some respect. Tool providers have started to help developers think about secure coding earlier in the application development lifecycle by building checks and balances into integrated development environments and related tooling. In this Beyond the Page, Michael Cobb explores new tools to vet open source libraries, explains how to manage security vulnerabilities that often go undetected, such as the OpenSSL Heartbleed flaw, and helps security officers build policy awareness for IT teams responsible for internal and commercial software.

Feature: Update your application security policy after Heartbleed

Learn how you can lower your risk by revisiting application security policy and enforcing compliance with best practices.

Video: Open source software security after Heartbleed

In this video, application security expert Michael Cobb discusses open source risks and how revised security policies can standardize development.

Tip: Safe assembly -- Component reuse in the age of open source

Developers love reusing code, whether it’s an open source library or a code snippet copied from the Internet. This expert tip looks at the best ways to secure and monitor component-driven software.

About the expert

Michael Cobb, CISSP-ISSAP, is a renowned security author with over 20 years of experience in the IT industry. He co-authored the book IIS Security and has written many technical articles for and other leading IT publications. He was formerly a Microsoft Certified Database Manager and a registered consultant with the CESG Listed Advisor Scheme (CLAS).

Article 2 of 7

Next Steps

Reusing open source code can present a security risk. Application security expert Michael Cobb explains why and how to protect applications.

This was last published in September 2014
