November 2008 - Issue 4

Editorial Corner


Brian Chess

Getting your boss's attention … Bad guy or security guy? ... Test automation 

Hello. I'm Brian Chess, co-founder and chief scientist at Fortify Software. Don't miss our feature article, When the Hacker Is at the Door. You'll want to read about how to get management to understand the importance of IT security and governance. 

How do you motivate colleagues to keep security on their minds during development? Our readers know how. Read their advice in Bad Guy or Security Guy? 

Security testing is tricky. What do you do to automate the testing process and still get maximum security? One of our readers needs help. Please share your thoughts about this.

Please let us know how successful we are at including articles relevant to you by taking a one-minute reader survey. You could win a complimentary copy of Secure Programming with Static Analysis.

If you would like to unsubscribe from this newsletter, please click on the link at the bottom of the page.

Feature Story

When the Hacker Is at the Door

How to get what you need from executives

by Barbara Morris, Editor, Secure Software Advisory

Do you feel like you're shouting "appsec" in the wilderness these days?

Does your boss understand how crucial security is to the integrity of your enterprise?

Does your boss think that you’re crying wolf every time there's a new threat to your business applications?


The Case for Business Software Assurance

Learn about the 12 "Maturity Areas" and much more.


Fortify Named Rising Star in Deloitte’s Technology Fast 50. Read More ...

Reader Survey

Complete our one-minute reader survey, and you could win the book, Secure Programming with Static Analysis.

Passing PCI Compliance

Voting in America

Open Source Security Study

How Safe is Our Democracy with e-Voting?


Application Security Over-confidence: Facts & Myths Revealed
Interview with Fortify Software Founder, CTO Roger Thornton

Application security is a key focus of regulatory agencies -- ensuring that financial institutions pay as much attention to third-party applications as they do to those they develop and manage in-house.

In this exclusive interview, Roger Thornton, founder and CTO of Fortify Software, discusses the survey results and his own market perspective, how the survey results compare with what he sees from customers and the disconnect between confidence and processes, as well as some of the proactive, cost-effective ways companies can tackle application security. Learn more ...

What's Your Best Advice?
This Issue's Dilemma: 

Scare Tactics Are in Order

When it comes to being proactive, I have a hard time getting our executive team on board. To the tech team, it is obvious that a repeatable software security procedure or system for a repeatable way of doing things ensures stability.

However, if it requires an expense of money or time, the executive team is not so keen on giving us the budget needed. There are plenty of scary security stories out there, but what will get through to the leadership? Do your readers have some security horror stories that I can use to put the fear of God into my executive team? -- Jarod (company name withheld)

Can You Help? Share your experience or your best advice. You could win a copy of Secure Programming with Static Analysis, by Brian Chess & Jacob West, a $49.95 value.

Got a business problem or question for our readers to tackle? 


Previous Issue's Dilemma

Bad guy or security guy? 

On our development team, I’m "the security guy" in our small organization. Most of the time, I have to clean up security holes others have produced. How do I best motivate my colleagues to have security on their mind during development? Should I point out their code problems and work with them to fix them? Or should I continue to be the Bad Guy and delay the project until they code it right?

-- John B. (company name withheld)

Read what our readers have to say.

Communication and Leadership

Ouch! Security Pros' Worst Mistakes

Four security pros candidly explain their biggest blunders

by Bill Brenner, Senior Editor - CSO Security and Risk
 

The Cyber Security Quagmire

Be sure to test for security beyond firewalls, virus scanners and encryption

by Tom Kellermann - Bank Technology News

The Increasing Threat

Weak Encryption Creates SOA Vulnerabilities

Is the implementation faithful to your design?

by Rich Seeley, News Writer - SearchSOA.com
 

Presidential Elections Will Stuff Inboxes

Wait 'til hackers begin leveraging interest in the elections

by Richard Adhikari - InternetNews.com

Getting Things Done

Effectively Managing Your Multitasking Day

Eight tips help you avoid the stress of your workday

by Michael Guld - AdvisorToday.com
 

Home Sweet Office

Telecommute -- good for business, employees and planet

by Brendan I. Koerner - Portfolio.com


Fortify is concerned about your privacy. We do not rent, sell or exchange email addresses. Copyright 2008, InternetVIZ. All rights reserved. You can write to us at 2215 Bridgepointe Pkwy, Suite 400, San Mateo, CA 94404.
