Ask the Experts: How can software engineers support security efforts?

We’ve gathered some expert opinions about how software engineers can contribute to, improve, and even lead their organization’s software security program.

[Webinars] NVD data feed alternatives and software security metrics

Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.

BSIMM10: A decade of research on software security activities

BSIMM10 compiles a decade of research on software security activities in real-life firms into a guide for maturing your software security initiative.

Software security program checklist: Kick off your program with a bang

If you want to enjoy your Sunday kickoffs, our software security program checklist of five activities will help you kick off your program successfully.

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

[Webinars] Software security metrics and open source security

Learn how to drive your software security initiative with metrics, and get practical advice for open source security with Red Hat, in our upcoming webinars.

The hidden costs and risks of free puppies (and open source)

SCA tools are an essential part of your AppSec toolkit, because free and open source software—just like free puppies—comes with hidden costs and risks. This entry in our BSIMM Monthly Insights series was contributed by guest author Stacy Mo…