DHS Unveils New Programs for Software Security

	August 2011 - Issue 17	View Online	Tell a Friend

At the Warfighter's Edge … Securing legacy systems … Emerging technologies

In this month's feature, U.S. Air Force Lieutenant Colonel Andy Berry talks about a program designed to automate and validate combat mission-briefing data in real time -- "Warfighter's Edge" or WEdge. He also shares the system's best security practices as they relate to application security requirements and explains how this real-time data lets troops quickly highlight and resolve issues and helps keep them safe.

Has securing legacy systems become a concern in your organization? In this month's best advice column, readers give suggestions on how to identify high-risk systems, assess the problems and take action.

Also this month, one of our readers wants suggestions on the most promising emerging technologies that will impact cybersecurity in the next year or two. Please share your knowledge with him.

Let us know how successful we are at including articles relevant to you by taking a one-minute reader survey. You could win a T-shirt for answering the survey or this month's dilemma, or for submitting a question about a challenge you face.

A Truly Mission-Critical Application

Warfighter's Edge programs help protect combat air crews

by the Federal Secure Software Advisory Editors

U.S. Air Force Lieutenant Colonel Andy Berry knows what it's like to lift an F-16 fighter off the runway and take it into a combat zone. He knows all about sending his wingman back to a wedge formation to better engage the enemy, deliver ordnance or maneuver the jet through an instrument approach. So when he needed a name for his brainchild -- a program designed to automate and validate combat mission briefing data in real time -- "Warfighter's Edge," or WEdge, was an intuitive choice. Read more

Software Security Delivered in the Cloud

HP Fortify on Demand: The quickest, most affordable way to accurately test and score the security of any application.

	HP Unveils Real-Time Application Security Testing Tool
	Gray, the new Black: Gray-Box Web Vulnerability Testing
	Vangent provides 24/7 apps support for Military Health System

Complete our one-minute reader survey and you win a Fortify T-shirt.

Subscribe here or unsubscribe your subscription.

	NIST-Performance Measurement Guide for Information Security
	NIST-Computer Security Resource Center

	ASIS International-ASIS
	Open Web Application Security Project-OWASP
	Computer Security Institute-CSI

Off by On: The Latest on Software Security Assurance

Inevitable Surprises ... in Cyber Security

	Government Security News
	Government Computer News
	Federal Computer Week
	Washington Technology

Real-time hybrid analysis marks substantial evolution in software security testing

It provides unique access to application information missing from the two most effective software security analysis technologies in use today -- dynamic and static testing. Using real-time hybrid analysis, organizations can analyze software with far greater thoroughness, precision and efficiency than previously possible to identify more vulnerabilities, improve the accuracy of diagnosis, speed remediation efforts and simplify software security processes.

This month's complimentary white paper, Real-time hybrid analysis: Find more, fix faster, will help security practitioners, software developers and management alike understand what hybrid security testing is and the benefits it can deliver.

Learn more ...

Previous Issue's Dilemma:

How to secure legacy systems?

Our organization still has some legacy systems, mostly client/server systems developed during the first generations of Web-based applications. Do readers have any suggestions on how best to secure these systems?

-- Jack S. Read what others had to say.

This Issue's Dilemma:

Tips wanted on emerging technologies

I would like to know if readers have any tips to share about the most promising emerging technologies that will impact cybersecurity in the next year or two. If you have implemented a new technology, I'd like to hear which it is and how it's working for you and your agency. -- Jack B.

Can You Help?

Share your experience or your best advice, and you could win a Fortify T-shirt!

National Data Breach Notification Bills Resurface
The push for federal disclosure
by George V. Hulme - CSO Online

United Against Global Cybercrime
Experts support Obama strategy to fight international threats
by Tracy Kitten - Government Info Security

Securing Critical Networks
Interactive infographic to guide private and public cybersecurity
by Aliya Sternstein - Nextgov.com

US Bill Would Make Concealing Data Breaches a Crime
Senator Leahy tries again
by Dan Goodin - The Register (UK)

NIST Proposes Privacy Safeguards for Federal IT
Will become part of FISMA guidelines
by Wlliam Jackson - Federal Computer Week

DHS Unveils New Programs for Software Security
Common Weakness Risk Analysis Framework
by Angela Moscaritolo - SC Magazine

Issue 16

[More...]

"ConnectedIn Media consulted in the development of our e-newsletter and
made the process easier than we ever expected."

-- David Baer, Director of Global Marketing

Fortify is concerned about your privacy. We do not rent, sell or exchange email addresses. Copyright 2011, InternetVIZ. All rights reserved. You can write to us at 2215 Bridgepointe Parkway, Suite 400, San Mateo, CA 94404.

You are subscribed using the following email address: . If you wish to change your selections or unsubscribe altogether, click below.

HP respects your privacy. If you'd like to discontinue receiving emails from HP regarding special offers and information, please click here.

For more information regarding HP's privacy policy or to obtain contact information, please visit our privacy statement or write to us at HP Privacy Mailbox, 11445 Compaq Center Drive W., Mailstop 040307, Houston, TX 77070

If you would like to subscribe to our email list to receive future promotions and special offers, please click here.