|  Home   |  Forums   |  News   |  Blog   |  Reviews   |
 Satellite   Digital TV   IPTV   Cable   HDTV   Computers   Games   Mobile Phones   Broadband   Internet   Security   Telecoms   USB   VoIP   Wireless 

IT Security News feed IT Security News

All Tech News feed All Tech News

April 7, 2010

Software developers taking security message on board

Bookmark and Share

by Janet Harris

Research just released in the US claims to show that the message about secure coding is starting to get through to software developers in large organisations.

And, says Fortify Software, this is excellent news, as it means that customised and in-house developed applications should start to be less liable to security flaws and loopholes.

“The research from our colleagues at Errata Security is interesting since it shows the uptake of software security assurance platforms from the likes of Microsoft is moving forward,” said Richard Kirk, European director with the application vulnerability specialist.

“Besides finding that Microsoft SDL and Microsoft SDL-Agile are the most popular secure coding platforms in use, the study’s researchers also found that more than half of those interviewed included preventative security activities in the development lifecycle of their software,” he added.

According to the Fortify director, the study also found that firms with product development teams of under 10 people manage to implement formal methodologies more successfully than companies of more than 100 members of staff.

Kirk went on to say that Fortify’s own observations have shown that the main causes of software vulnerabilities stem from the early stages of the software development lifecycle.

“Our own research, he explained, tells us time and time again about the need for regular code auditing as part of a development process, as this ensures that software that is being developed is inherently secure,” he said.

“In other words `building security in’ – as opposed to attempting to add it after the fact – is the best option. This approach is not only more cost effective, but also results in applications that are much more secure because security was considered at every stage in the development process,” he said.

“Errata’s research is excellent news for any organisation that uses software in any shape or form, as it shows the message that application security is a distinct, but essential, part of information security is getting through to where it matters – the software developers,” he added.

Story link: Software developers taking security message on board


Discuss this in the Techwatch Forums

Related news to "Software developers taking security message on board"




No Comments »

No comments yet.

Leave a comment


Previous: «
Next: »

Visited 231 times, 9 so far today

Tags: ,



TechWatch © 2005-2010. All rights reserved  |  About  |  Staff  |  Privacy  |  Disclaimer  |  Press/Media  |  Contact us