 |
|
Secure at the Source: Implementing Source Code Vulnerability Testing in the Software Development Life Cycle
sponsored by Ounce Labs, an IBM Company
|
|
Fixing a software defect after deployment can cost an organization more than 100 times what it would have cost to fix it at the first stages of the software development life-cycle (SDLC). Many organizations are moving the responsibility and skills for testing security into the SDLC. This white paper illustrates the best models for integrating source code vulnerability testing into the SDLC and how to efficiently merge security expertise with development resources.
Written by one of the industry's leading experts in application security, this white paper describes three models for source code security testing in the SDLC, including pros, cons, and best practices. Read this white paper to learn about:
- Delegating software security testing within an organization
- Implementing code vulnerability testing within existing development model
- Effectively merging security and development resources together
Download Secure at the Source: Implementing Source Code Vulnerability Testing in the Software Development Life Cycle now.
|
|
|
|
Available Resources from Ounce Labs, an IBM Company
|
|
|
|
Software Reliability: Building Security In
sponsored by Ounce Labs, an IBM Company
 |
Video: |
Posted: 19 Nov 2009
|
|
Premiered:
|
19 Nov 2009 |
|
Summary: |
Fixing software security vulnerabilities during development is expensive, difficult and time-consuming. But fixing them after deployment is far more expensive and counterproductive. In this video featuring security expert Diana Kelley, learn state-of-the-art techniques for building a secure software development process.
|
|
|
|
|
|
|
Countdown: Selling security in the SDLC
sponsored by Ounce Labs, an IBM Company
 |
Podcast: |
Posted: 19 Nov 2009
|
|
Premiered:
|
19 Nov 2009 |
|
Summary: |
Building security into the software development lifecycle takes more than just a plan. You need the support of both the development and security/audit organizations to make it work. This podcast, featuring Diana Kelley, presents a plan for selling the value of security to all of the constituencies who matter in your organization.
|
|
|
|
|
|
|
Presentation Transcript: Business Case for Data Protection Survey & Results
sponsored by Ounce Labs, an IBM Company
 |
Presentation Transcript: |
Posted: 28 Oct 2009
|
|
Published:
|
21 Oct 2009 |
|
Summary: |
This presentation transcript presents the results of a survey conducted by Ponemon Institute and sponsored by Ounce Labs, an IBM Company. The survey determines what senior executives think about the value proposition of corporate data protection efforts. Read on to learn more.
|
|
|
|
|
|
|
E-Guide: Compliance and Risk Management Strategy
sponsored by Ounce Labs, an IBM Company
|
eGuide: |
Posted: 18 Sep 2009
|
|
Published:
|
18 Sep 2009 |
|
Summary: |
CIOs are increasingly approaching information management responsibilities with a risk management lens. This eGuide will look at how to take a strategic approach to risk management and compliance and mitigate operational risks of outsourcing services. Plus, how to define risks, core assets, and establish acceptable levels of risk will be discussed.
|
|
|
|
|
|
|
Avoid Security Suffering With These 3 Questions
sponsored by Ounce Labs, an IBM Company
|
Journal Article: |
Posted: 18 Sep 2009
|
|
Published:
|
16 Jun 2009 |
|
Summary: |
Participants at industry conferences and events often ask where the right place to start implementing security is. This is similar to starting off a talk with a doctor by asking “What medicine should I take?” The answer is going to be more questions. This article presents three questions to ask yourself before starting a security implementation.
|
|
|
|
|
|
|
Weathering a Perfect Storm: The Collision of Application Vulnerabilities and Data Privacy
sponsored by Ounce Labs, an IBM Company
|
Journal Article: |
Posted: 18 Sep 2009
|
|
Published:
|
17 Sep 2009 |
|
Summary: |
Enterprises, particularly those that deal with personal or private data, are now squarely in the path of a perfect storm. The convergence of regulatory compliance, high-profile data breaches and increased sophistication of cyber-attackers has transformed data security from an interesting IT sideline to a bottom-line, corner-office priority.
|
|
|
|
|
|
|
Business Case for Data Protection: Study of CEOs and other C-level Executives
sponsored by Ounce Labs, an IBM Company
|
Analyst Report: |
Posted: 18 Sep 2009
|
|
Published:
|
15 Jul 2009 |
|
Summary: |
This study looks at what senior executives think about the value of corporate data protection efforts within their organizations. It is important for those individuals charged with managing a data protection program to understand how key decision makers in organizations perceive the importance of safeguarding sensitive and confidential information.
|
|
|
|
|
|
|
New Ponemon Study Reveals Disconnects in Building the Business Case for Data Protection
sponsored by Ounce Labs, an IBM Company
 |
Webcast: |
Posted: 17 Sep 2009
|
|
Premiered:
|
Available On Demand |
|
Summary: |
In this webcast, newly released research reveals that C-level executives lack confidence in their organization's ability to safeguard sensitive data. This survey, conducted by Ponemon Institute and sponsored by Ounce Labs, an IBM Company, determines what senior executives think about the value proposition of corporate data protection efforts.
|
|
|
|
|
Software Quality Research Library