New & Notable
Secure software development News
October 22, 2018
A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and actively exploited for at least three years.
September 25, 2018
Cisco hit by yet another new hardcoded credentials flaw, the latest in a long line of such flaws since last year, this time in its video surveillance manager appliance.
April 19, 2018
Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.
September 26, 2017
Citizen data scientists are now equipped with tools like low-code platforms, AI and automation and are revolutionizing the world of IT. Learn what this means for you.
Secure software development Get Started
Bring yourself up to speed with our introductory content
Software development training with an emphasis on secure coding can improve enterprise security postures. Steve Lipner of SafeCode discusses different ways to get the job done. Continue Reading
If you're studying for the CISSP exam, don't miss this special Security School on Domain 8. Review important concepts in software development security and sharpen your skills. Continue Reading
Understanding the ins and outs of the software development lifecycle is pivotal to passing Domain 8 of the CISSP exam. Are you ready? Find out with this practice quiz. Continue Reading
Evaluate Secure software development Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Need better security for apps? The right tools are key, but the right approach just as important. That's why you should consider the quality management system model. Continue Reading
Better app security requires both designing security in and protecting it from without. Learn how to work it from both angles and what tools you'll need for the job. Continue Reading
New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations. Continue Reading
Manage Secure software development
Learn to apply best practices and optimize your operations.
After years of spirited debates and top-notch interviews, columnist Marcus Ranum is signing (sounding?) off with some final thoughts on the future of security. Continue Reading
OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools. Continue Reading
Stealth is an attacker's best friend, especially when it comes to sneaking malware past the firewall. Learn about some trusty tools that can stop malware in its tracks. Continue Reading
Problem Solve Secure software development Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Misinterpretation of Intel's System Programming Guide resulted in a hardware debug exception vulnerability. Expert Michael Cobb explains how attackers can gain unauthorized access. Continue Reading
Expert Michael Cobb details how to argue for a multistep secure code review process, like Microsoft SDL, and the pros of secure coding practices. Continue Reading
Two critical, zero-day Foxit Reader vulnerabilities haven't been patched and pose a threat to enterprises. Judith Myerson explains the vulnerabilities and how to mitigate them. Continue Reading