December 2009 - Issue 5

Editorial Corner

False sense of security ... Scare tactics ... Automating testing 


Brian Chess

Hello. I'm Brian Chess, co-founder and chief scientist at Fortify Software. Don't miss our feature article, Heads in the Sand. You’ll want to read about how many business leaders believe, despite all data to the contrary, that their software is secure.  

If you've found that you're having problems getting management to take security issues seriously, our readers give you some ideas.

What do you do to automate the testing process to get a minimum of security? One of our readers needs help.

Please let us know how successful we are at including articles relevant to you by taking a one-minute reader survey. You could win a complimentary copy of Secure Programming with Static Analysis. Congratulations to Drexx Laggui, analyst at L&A LLC, for being this quarter's winner!

If you would like to unsubscribe from this newsletter, please click on the link at the bottom of the page.

Feature Story

Heads in the Sand

Beware of a false sense of security

by Barbara Morris, Editor, Secure Software Advisor

In a recent online survey by Zogby International, many business decision-makers revealed a shocking conviction that their companies were impregnable to security breaches, despite underlying concerns about hacker attacks. While 34 percent have no tools/procedures in place to detect identity fraud, 44 percent believe that a security breach would have minimal to no financial impact on their business.

Read more

The Case for Business Software Assurance

Learn about the 12 "Maturity Areas" and much more.

Download

Fortify is Champion in Bloor's Analyst Report

More ...

Complete our one-minute reader survey, and you could win the book Secure Programming with Static Analysis.

Voting in America

Open Source Security Study

How Safe is Our Democracy with e-Voting?

Subscribe here or manage your subscription.

OWASP

CERT

More ...

Security & Privacy

darkREADING

More ...

November 2008
Issue 4
September 2008
Issue 3
August 2008
Issue 2
July 2008
Premier
[More...]

 

 

Complimentary White Paper

Ten Questions You'd Better Ask to Be Sure Your Company's Assets are Secure 

Fortify

Today’s business infrastructures rely upon software applications to manage corporate assets, automate critical business processes and store private information. And most applications today contain security vulnerabilities that can be exploited for profit or malicious use. That's why most hackers today target the software, not the network infrastructure, in their attacks.

What can you do to be certain your company's software -- and assets -- are secure? Start by asking TEN essential questions. Download this complimentary white paper.

What's Your Best Advice?

This Issue's Dilemma:

How should we automate our security tests?

Since security tests are expensive and time consuming, my company is starting to consider the idea of automating these tests. What do you do to automate the testing process to get a minimum of security? Any information you have about this subject is much appreciated. Which tools do you use? And by the way, how many people are involved? Thanks in advance for your suggestions. -- C. G. (name and company withheld on request)

Can You Help? Share your experience or your best advice. You could win a copy of Secure Programming with Static Analysis by Brian Chess & Jacob West, a $49.95 value.

Got a business problem or question for our readers to tackle? 


Previous Issue's Dilemma

Scare tactics are in order

When it comes to being proactive, I have a hard time getting our executive team on board. To the tech team, it is obvious that a repeatable software security procedure or system for a repeatable way of doing things ensures stability.

However, if it requires an expense of money or time, the executive team is not so keen on giving us the budget needed. There are plenty of scary security stories out there, but what will get through to the leadership? Do your readers have some security horror stories that I can use to put the fear of God into my executive team?

-- Jarod (company name withheld)

Read what our readers have to say.

Communication and Leadership

Stop Whining, Start Thinking
Learn how to negotiate the bureaucracy
by Ram Charan - Business Week

How to Practice Good Communication Skills
When no one is hearing what you're saying
by Mark Edward Nero - California Job Journal

The Increasing Threat

The Best Defense Is a Good Offense
All systems secure
by Sean Michael Kerner - internetnews.com

Cybercrime as Destructive as Credit Crisis
Need for improving international regulations
by Sarah Marsh - Reuters

Getting Things Done

When a Good Boss Is Hard to Find
How to pinpoint problems
by Michael Kinsman - California Job Journal

The CIO of the Future
The evolving role of the CIO
by Nathan Conz - Insurance & Technology

"ConnectedIn Media consulted in the development of our e-newsletter and
made the process easier than we ever expected."

-- Sherry Ramm, Director of Global Marketing

Fortify is concerned about your privacy. We do not rent, sell or exchange email addresses. Copyright 2009, InternetVIZ. All rights reserved. You can write to us at 2215 Bridgepointe Pkwy, Suite 400, San Mateo, CA 94404.
