Let’s imagine you discover a string of suspicious code within one of your applications. Perhaps a routine scan by your application testing team finds a point of interest that indicates malcode, such as a time bomb or backdoor, has been inserted by a malicious insider within your software supply chain. First, you breathe a huge […]
The bad news is that software gets hacked. The defects or vulnerabilities that attackers exploit to hack software can be introduced by an organization internally, or by its vendors or partners. The good news is that remediation methods to resolve these defects and vulnerabilities are well known. Organizations with a mature software security […]
Posted in Maturity Model (BSIMM), Penetration Testing, Software Development Life Cycle (SDLC), Software Security Program Development | Comments Off on How Proactive Is Your Software Security Initiative?