Home > Articles > Security > Software Security

Software Security

39 Items

Sort by Date | Title

Software [In]security: Obama Highlights Cyber Security Progress: By Gary McGraw; Jul 16, 2010; Software security expert Gary McGraw went to a White House meeting on cyber security attended by 100 public and private sector security experts. McGraw shares the details of the meeting, including an unannounced visit by President Obama.

Software [In]security: Partly Cloudy with a Chance of Security: By Gary McGraw; Jun 17, 2011; Security expert Gary McGraw provides some issues to consider when it comes to adoption of cloud services and their impact on security in your organization.

Software [In]security: Paying for Secure Software: By Gary McGraw; Apr 7, 2008; Gary McGraw kicks off his new monthly column by showing how the added costs of developing secure software can be more than offset by lower TCO down the road.

Software [In]security: Software Patents and Fault Injection: By Gary McGraw; Feb 28, 2011; Gary McGraw explains how another party may get a patent on a technique he had a hand in inventing.

Software [In]security: Software Security Comes of Age: By Gary McGraw; Apr 16, 2009; Gary McGraw details the continued growth of the software security industry, even in the face of worldwide recession.

Software [In]security: Software Security Crosses the Threshold: By Gary McGraw; Aug 16, 2010; The software security space exceeded the $500 million mark in 2009. Software security expert Gary McGraw examines the sales of security tools providers and services firms to find out how quickly the market is growing, and which parts of the market are driving growth.

Software [In]security: Software Security Top 10 Surprises: By Gary McGraw, Brian Chess, Sammy Migues; Dec 15, 2008; In the course of analyzing real-world data from top software security firms, Gary McGraw, Brian Chess, and Sammy Migues unearthed some surprises.

Software [In]security: Software Security Training: By Gary McGraw, Sammy Migues; Oct 31, 2011; Gary McGraw and Sammy Migues describe how training has changed, provide data showing it's importance, and explain why it's important to pick the right training for your organization's needs.

Software [In]security: Software Security Zombies: By Gary McGraw; Jul 21, 2011; Software security expert Gary McGraw reviews some of the most important security concepts — before they eat your (network's) brains.

Software [In]security: Startup Lessons: By Gary McGraw; Oct 22, 2009; Gary McGraw discusses the seven lessons he's learned through his startup years at Cigital.

Software [In]security: Technology Transfer: By Gary McGraw; Oct 26, 2010; Gary McGraw discusses the evolution of a source code scanning tool from research project to commercial project and details the transfer of technology that made it all happen.

Software [In]security: The Smart (Electric) Grid and Dumb Cybersecurity: By Gary McGraw; Mar 26, 2010; Security expert Gary McGraw explains why the rush to upgrade our power grid may lead to security vulnerabilities in critical infrastructure.

Software [In]security: Third-Party Software and Security: By Gary McGraw, Brian Chess, Sammy Migues; Nov 30, 2011; How do you gauge the security of third-party code? A recent security conference examined that question, and Gary McGraw presents the findings in this article.

Software [In]security: Top 11 Reasons Why Top 10 (or Top 25) Lists Don’t Work: By Gary McGraw; Jan 13, 2009; Gary McGraw explains why there’s more to software security than watching the bug parade march by.

Software [In]security: vBSIMM (BSIMM for Vendors): By Gary McGraw, Sammy Migues; Apr 12, 2011; How do you ensure that your third-party software vendors practice good software security? Software security expert Gary McGraw explains how the Building Security In Maturity Model can play a central role in this effort.

Software [In]security: vBSIMM Take Two (BSIMM for Vendors Revised): By Gary McGraw, Sammy Migues; Jan 26, 2012; Gary McGraw and Sammy Migues introduce a revised, compact version of the BSIMM for vendors called vBSIMM, which can be thought of as a foundational security control for vendor management of third-party software providers.

Software [In]security: What Works in Software Security: By Gary McGraw, Brian Chess, Sammy Migues; Feb 26, 2010; 15 of the 110 activities in the BSIMM are very commonly observed. Gary McGraw, Brian Chess, and Sammy Migues list and explain these activities.

Software [In]security: You Really Need a Software Security Group: By Gary McGraw; Dec 21, 2009; Gary McGraw explains why having a software security group is necessary for a software security initiative.

The Role of Architectural Risk Analysis in Software Security: By Gary McGraw; Mar 3, 2006; Design flaws account for 50% of security problems. You can’t find design defects by staring at code—a higher-level understanding is required. That’s why architectural risk analysis plays an essential role in any solid software security program. Find out more about architectural risk analysis in this sample chapter.

< Prev Page 1 2