Thursday, March 5, 2009

New Effort Hopes to Improve Software Security

It’s not much of a secret that a lot of software has security flaws. One reason is that there aren’t any real standards for designing secure software. In fact, the right way to secure programs is rarely discussed at all.

A new group is hoping to change that. Tech security company Fortify and security consulting firm Cigital are getting ready to release a set of best practices that tech companies and other businesses can follow to ensure that the software they develop is secure. The authors developed the model by studying the security practices at Google, Microsoft, Adobe, and other tech companies, as well as non-tech companies that write their own software like Wells Fargo, and Depository Trust & Clearing Corp.

“For most of the last decade security has taken place in secret,” says Brian Chess, chief scientist at Fortify. Even the most basic security information is usually held close to the vest for fear that bad guys could use it to compromise a system. The lack of transparency serves a purpose, but it comes at the expense of helping other companies improve the security of their software.

Read More Article...

Related Posts by Categories



Widget by Hoctro | Jack Book

AddThis Social Bookmark Button

1 comment:

bineesh said...

Thanks for this good post....
Regards,
http://www.saibposervices.com/
Offshore outsourcing

Software Development Outsourcing
Outsourcing Services