SEARCH RESULTS
 
Showing 1-10 of 343 records
 
Expand article

Podcast: Cloud Computing, Software Development, Testing and Security

The Article has images
2008-11-09 11:57:10 by Craig Balding in Cloud Security
...development and testing. Notice I say could - I continue to see great potential benefits but some of these require us to rethink how we do things as end-users and depend on the Cloud Computing ecosystem maturing enough to deliver them (e.g. security monitoring of Cloud API calls This was recorded prior to the Microsoft Azure announcement...
 
Tags: cloud, software development, software, cloud computings impact, security, podcast, cloud api calls, advantages cloud, podcast segments
 
 
 
 
Expand article

Shimel's rules of business development and negotiating - Keep your eye on the prize

2008-06-13 12:39:00 by HASH0x8b0a484 in StillSecure, After All These Years
 
...development. The biz dev role is something I have done for a long time for several companies. Having a decent grasp of technology, insight into business and my legal training have helped me to conclude many successful business deals over the many years I have been at it. Over the years I have also had the opportunity to work with many good...
 
Tags: business, deals drag, deals, successful business deals, business terms, people, biz dev people, single agreement, single
 
 
 
 
Expand article

Visit the New SDL (Security Development Lifecycle) Web Site

The Article has images
2008-06-20 00:08:18 by jrjones in Jeff Jones Security Blog
...Development Lifecycle (SDL) web site went up earlier this month on microsoft.com. Amazingly, you can navigate to it via http://www.microsoft.com/sdl , instead of some long name you'd never remember Of course, once you navigate to that URL, you get redirected to a long url that you'll never remember that is on the MSDN subsite, which is...
 
Tags: sdl, sdl tools repository, sdl process guidance, sdl home page, security, security development lifecycle, sdl-like processes, web site, process
 
 
 
 
Expand article

Shimel's rules of business development and negotiating - Keep your eye on the prize

2008-06-13 13:39:00 by ashimmy in StillSecure, After All These Years
 
...development. The biz dev role is something I have done for a long time for several companies. Having a decent grasp of technology, insight into business and my legal training have helped me to conclude many successful business deals over the many years I have been at it. Over the years I have also had the opportunity to work with many good...
 
Tags: business, deals drag, deals, successful business deals, business terms, people, biz dev people, single agreement, single
 
 
 
 
Expand article

Yet another benefit of executive support for SDL...

2007-11-15 23:04:00 by sdl in The Security Development Lifecycle
 
...development efforts even more As we have alluded to many times in the past, our success with the SDL has been predicated on a number of factors - however I'd like to focus on one very important factor - namely executive support for the work that we do One could argue that the support we receive from executive management is borne out of...
 
Tags: community, security researcher community, security, security tools, security efforts, security tool development, windows security assurance, security science team, team
 
 
 
 
Expand article

Walking with the SDL Part 2

2008-07-21 16:56:00 by sdl in The Security Development Lifecycle
 
...Development Lifecycle (SDL). Walking is the point where your security development practices become a lifecycle a repeatable, reusable process that makes security a part of your development culture. To relate the analogy to SDL a bit more closely, think of crawling as the SD in SDL. For this post, well continue to talk about walking or adding...
 
Tags: define security requirements, security requirements, requirements, security, security development lifecycle, development lifecycle, security pulse, perform security analysis, principles
 
 
 
 
Expand article

SDL and the XSS Filter, Revisited

2008-09-08 20:18:00 by sdl in The Security Development Lifecycle
 
...development teams; after all, development is the D in SDL. Now, development teams are made up of more than just developers. Development teams include everyone involved in the development process from management on down. But development teams dont include end users. While XSS Filter is a great, innovative XSS defense technology, theres really...
 
Tags: xss, xss filter, persistent xss, server-side xss defense, development teams include, development teams, development, sdl, sdl requirements
 
 
 
 
Expand article

"Walking" with the SDL - Part 1

2008-07-18 16:55:00 by sdl in The Security Development Lifecycle
 
...Development Lifecycle (SDL In this series I am going to talk about Walking with the SDL. Walking is the point where your security development practices become a lifecycle a repeatable, mostly reusable process that makes security a part of your development culture. To relate the analogy to SDL a bit more closely, think of crawling as the SD in...
 
Tags: development, secure development practices, development culture, security development practices, sdl, security, security practices, perform security analysis, application security
 
 
 
 
Expand article

"Walking" with the SDL - Part 4

2008-07-25 20:49:00 by sdl in The Security Development Lifecycle
 
...Development Lifecycle (SDL) [ Part 1 , Part 2 , Part 3 ]. So far I have discussed getting management approval, expanding security training, formalizing security requirements and effective ways to reuse your threat model or attack surface review data. In this post, I will wrap up with a look into setting up final security reviews and managing...
 
Tags: team, product team, requirements, define requirements, security requirements, security, final security report, threat models, re-review threat models