- Software [In]security: Moving U.S. Cybersecurity Beyond Cyberplatitudes
-
By
Gary McGraw
- Jul 16, 2009
- Gary McGraw discusses how the current U.S. administration needs to make some important progress on cybersecurity rather than simply offering more platitudes.
|
- Why IT Pros Need to Learn About IPv6 Security Now: An Interview with Scott Hogg and Eric Vyncke
-
By
Linda Leung, Scott Hogg, Eric Vyncke
- Jul 4, 2009
- Linda Leung talks with Scott Hogg and Eric Vyncke about IPv6 transition and security issues.
|
- Software [In]security: Measuring Software Security
-
By
Gary McGraw, Jim Routh
- Jun 18, 2009
- Gary McGraw and Jim Routh describe the value positioning of a successful software security initiative instituted at a large financial services firm.
|
- IPv6 Internet Security for Your Network
-
By
Eric Vyncke, Scott Hogg
- Jun 4, 2009
- This chapter covers how to secure your network when it is connected to the IPv6 Internet.
|
- Software [In]security: Twitter Security
-
By
Gary McGraw
- May 15, 2009
- Gary McGraw details Twitter's fundamental security vulnerabilities.
|
- Software [In]security: Software Security Comes of Age
-
By
Gary McGraw
- Apr 16, 2009
- Gary McGraw details the continued growth of the software security industry, even in the face of worldwide recession.
|
- Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM
-
By
Gary McGraw, Brian Chess, Sammy Migues
- Feb 9, 2009
- Examine the nine common software security activities that make up the Building Security In Maturity Model (BSIMM).
|
- Software [In]security: Top 11 Reasons Why Top 10 (or Top 25) Lists Don’t Work
-
By
Gary McGraw
- Jan 13, 2009
- Gary McGraw explains why there’s more to software security than watching the bug parade march by.
|
- Software [In]security: Software Security Top 10 Surprises
-
By
Gary McGraw, Brian Chess, Sammy Migues
- Dec 15, 2008
- In the course of analyzing real-world data from top software security firms, Gary McGraw, Brian Chess, and Sammy Migues unearthed some surprises.
|
- Software [In]security: A Software Security Framework: Working Towards a Realistic Maturity Model
-
By
Gary McGraw, Brian Chess
- Oct 15, 2008
- Gary McGraw and Brian Chess introduce a software security framework (SSF) to help understand and plan a software security initiative.
|
- Software [In]security: Paying for Secure Software
-
By
Gary McGraw
- Apr 7, 2008
- Gary McGraw kicks off his new monthly column by showing how the added costs of developing secure software can be more than offset by lower TCO down the road.
|
- Visualization: How to Present Security Data to Get Your Point Across
-
By
Andrew Jaquith
- Dec 21, 2007
- Learn how to present security data in a style that truly gets your point across.
|
- Talk Is Cheap: Why the Security Industry Needs to Improve Its Bedside Manner
-
By
Michael Kemp
- Aug 17, 2007
- Michael Kemp explores an often-overlooked aspect of security practice, namely communicating with clients so that they can be assured of expertise instead of being awed by it.
|
- Will Cell Phones be Responsible for the Next Internet Worm?
-
By
Norm Laudermilch
- Apr 28, 2006
- The mobile devices you know and love are great for productivity, but they have completely changed the vulnerability state of our networks. Norm Laudermilch tells you why you should be afraid, very afraid.
|
- The Role of Architectural Risk Analysis in Software Security
-
By
Gary McGraw
- Mar 3, 2006
- Design flaws account for 50% of security problems. You can’t find design defects by staring at code—a higher-level understanding is required. That’s why architectural risk analysis plays an essential role in any solid software security program. Find out more about architectural risk analysis in this sample chapter.
|
- Open Source Tools for Security Testing
-
By
Michael Kelly
- Sep 16, 2005
- Michael Kelly reports on handy security uses for four open source tools: WebGoat, Firefox Web Developer, WebScarab, and Ethereal. By combining the tools in easy ways, testers can track down and close the gaping security holes that are often left in applications.
|
- An Overview of Computer Security
-
By
Matt Bishop
- Jan 3, 2005
|
- Information Flow
-
By
Matt Bishop
- Jan 3, 2005
|