Software Integrity Blog

Search Results for 'software security initiative'

 

BSIMM11: Tracking the cutting edge of software security initiatives

BSIMM11 gathers research on software security activities from real-life firms to create a guide to help you navigate your software security initiative.

Posted in Software Security Program

 

How proactive is your software security initiative?

A proactive software security initiative protects your organization. Does your software security measure up? Take our 12-question quiz to find out.

Posted in Software Security Program

 

Software security initiative capabilities: Getting started

A software security initiative (SSI) often begins with one of three common security capabilities:

Posted in Software Architecture & Design, Web Application Security

 

SAST and DAST: Part of a balanced software security initiative

The original version of this post was published on SecurityWeek.

Posted in Static Analysis (SAST), Web Application Security

 

3 common mistakes companies make when starting a software security initiative

Organizations typically make three common mistakes when establishing a software security initiative (SSI). The ability to reflect on these mistakes can help firms determine whether or not their program is moving in the right direction. Let’s explore some of the most common software security initiative mistakes and alternate approaches to get firms on the right track.

Ad-hoc program vs. roadmap-based program

Until recently, most firms didn’t perceive an SSI as a separate program. The software security functions were either ignored or haphazardly accomplished by leveraging other divisions in the organization such as development, IT operations, and network teams.

Posted in Application Security

 

3 fundamentals of a software security initiative

The best software security initiative is tuned to fit your organization and built to scale. Three SSI fundamentals are standards, policies, and metrics.

Posted in Software Security Program

 

TANSTAAFL! The tragedy of the commons meets open source software

Open source projects can become victims of their own success. What can developers do to secure their open source software?

Posted in Application Security, Open Source Security

 

Are you following the top 10 software security best practices?

Software security isn’t simply plug-and-play. Our top 10 software security best practices show you how to get the best return on your investment.

Posted in Software Security Program

 

[Webinars] Vulnerability reports, application security for DevOps and CI/CD

Learn how vulnerability reports can help you fix critical vulnerabilities effectively, and the essentials of application security for DevOps and CI/CD.

Posted in Agile, CI/CD & DevOps, Open Source Security, Software Composition Analysis (SCA), Software Security Program, Webinars

 

Are you ready for API security?

Modern systems rely on complex systems of APIs exposed through a variety of networks. What is API security, and how does it fit into your security program?

Posted in Web Application Security