Company Blog

Software Security Framework

Brian Chess and I just published an article on the Software Security Framework displayed below.

| Governance | Intelligence | SDL Touchpoints | Deployment |
| --- | --- | --- | --- |
| Strategy and Metrics | Attack Models | Architecture Analysis | Penetration Testing |
| Compliance and Policy | Security Features and Design | Code Review | Software Environment |
| Training | Standards and Requirements | Security Testing | Configuration Management and Vulnerability Management |

Our plan is to [...]

What Measures do Software Vendors Use for Software Assurance?

My last project for my former employer (Software AG) was a study of what software vendors do to achieve software assurance. The goal of the study was to see whether we (Software AG) were at, above, or below the norm, and to adjust investments in assurance accordingly. All but one of the vendors who participated [...]

Justice League’s Newest Blogger

Greetings! I’m Jeremy Epstein, the newest member of the Cigital blogging team. I’ve joined Cigital after nearly 9 years with Software AG (and webMethods, before it was acquired by Software AG), and will be focused on software security in the federal space. Software security is a passion of mine – I’ve been talking about it, [...]