Software Security

Archive for April 2015

 

12 questions to ask your app testing partner

Security is no longer a “nice to have” feature in your software. In a world of emerging threats and increasing compliance requirements, your customers and employees expect that you have done the work to uncover and address security issues. Your security testing strategy is fundamental to how you do business. But, not all security testing […]

Posted in Application Security, Software Security Testing

 

How mapping the Ocean’s Eleven heist can make you better at application security testing

Picture a group of thieves planning a major heist at a Las Vegas casino, à la Ocean’s Eleven. To minimize the chances of getting caught red-handed and to maximize the haul, they need to outline each step of their plan. A map of their strategy might look something like this. The attackers’ goal—rob the casino—is […]

Posted in Application Security, Red Teaming, Vulnerability Assessment

 

Why a software security group is needed

As software security evolves it becomes more difficult to manage, making a Software Security Group (SSG) a necessity for your organization. Without a core group of individuals fighting to keep the security of the firm strong, it will be nearly impossible to stay safe in today’s environment. 5 models for enterprise software security management teams […]

Posted in Maturity Model (BSIMM), Security Metrics, Software Security Testing