Application Developers Using Secure Coding For In-House Code

Fortify : 08 April, 2010  (Technical Article)
Fortify Software comments on the increased level of uptake by US software developers of secure coding and testing techniques when developing bespoke applications
Research just released in the US claims to show that the message about secure coding is starting to get through to software developers in large organisations. And, says Fortify Software, this is excellent news, as it means that customised and in-house developed applications should start to be less liable to security flaws and loopholes.

'The research from our colleagues at Errata Security is interesting since it shows the uptake of software security assurance platforms from the likes of Microsoft is moving forward,' said Richard Kirk, European director with the application vulnerability specialist.

'Besides finding that Microsoft SDL and Microsoft SDL-Agile are the most popular secure coding platforms in use, the study's researchers also found that more than half of those interviewed included preventative security activities in the development lifecycle of their software,' he added.

According to the Fortify director, the study also found that firms with product development teams of under 10 people manage to implement formal methodologies more successfully than companies of more than 100 members of staff.

Kirk went on to say that Fortify's own observations have shown that the main causes of software vulnerabilities stem from the early stages of the software development lifecycle.

'Our own research,' he explained, 'tells us time and time again about the need for regular code auditing as part of a development process, as this ensures that software that is being developed is inherently secure.'

'In other words "building security in" - as opposed to attempting to add it after the fact - is the best option. This approach is not only more cost effective, but also results in applications that are much more secure because security was considered at every stage in the development process,' he said.

'Errata's research is excellent news for any organisation that uses software in any shape or form, as it shows the message that application security is a distinct, but essential, part of information security is getting through to where it matters - the software developers,' he added.
