Security News


News bits

A few tidbits of news: VMware launches a new product for secure provisioning of computers outside the enterprise, StrikeIron adds to its stable of Web services, NS-BASIC moves to the desktop.

Review: Microsoft Windows AntiSpyware (Beta)

Microsoft's latest tool for fighting malware is a credible entrant in a market that they helped create. I've taken it for a spin and like most of what I see, despite some rough edges in the beta version.

Review: DevPartner SecurityChecker

These days all developers need to be security experts - but it doesn't hurt to have some help. That's where DevPartner SecurityChecker comes in, helping you keep an eye on the security issues in an ASP.NET application from start to finish. With an extensive knowledge of secure coding practices, it can help almost any ASP.NET developer do a more secure job.

Book Review: The .NET Developer's Guide to Windows Security

It's pretty hard to be a developer these days and not think about security. But many of us are having to catch up all of a sudden on the intricate and confusing details of the Windows security infrastructure. Keith Brown's new book makes learning what you need to know much, much easier.

Software mergers continue: Symantec buys Veritas

The wave of consolidations sweeping the software industry has picked up two leading security vendors. Leading consumer antivirus maker Symantec Corp. and top enterprise storage and backup management products vendor Veritas Software announced this week that they will be tying the knot in the New Year.

College-based program targets security holes at the source

The road to a professional career usually begins in college; now, a software vendor believes that same route can make for more secure software.

Startup puts Web services security in developers' hands

Our favorite security guru, Gary McGraw, has said it so often that it's almost a cliche: If you want secure systems, you've got to build security into the applications that run on them. A Rocklin, Calif.-based startup called Kenai Systems is now applying that maxim to Web services with what the company's founders believe are category-creating tools for developers.

Briefing: Fortify

Fortify's toolset is designed to catch security bugs through static code analysis. With editions covering a wide range of price and functionality, they're accessible to almost any developer.

HP security chief sees cyber attacks growing more complex, malignant, persistent and pervasive

Speaking last week in San Francisco, Tony Redmond, vice president and chief technology officer of HP Services, said his company was offering the new security suite because cyber attacks "are becoming more complex, more malignant, more persistent, and more pervasive."

Telecommuters seen as weakest link in network security

As enterprise trends go, few are as likely to keep the network security guys up at night as the growth of telecommuting. According to a study released this fall by the International Telework Association & Council, the number of employees who performed any kind of work from home grew from 41.3 million in 2003 to 44.4 million in 2004.

For sale: Your source code

Well, maybe not yet. But what does the future hold for those who consider their source code an important proprietary asset?

Inputs are dangerous

If there's one lesson to be learned from this month's set of Microsoft security patches, it's that letting data into your system is rife with danger.

Software deployment should include security plan

The need for enterprise security processes and procedures has become so pervasive that companies that do not include security as a component of their software deployments risk seeing their downtime rise from 5% in 2004 to 15% in 2008. This from market researcher Gartner in one of its latest reports, "Building a Sound Security Infrastructure: New Defenses for a New World of Threats."

More attackers targeting e-commerce and Web apps, says Symantec

The total number of virus attacks is down, but malicious codemeisters are getting faster, more sophisticated, and they're beginning to target e-commerce concerns and small businesses. That's the conclusion of a report published this week by security application provider Symantec.

When shared code bites back

Develop any software that processes JPEG files lately? Microsoft's latest security bulletin may spell bad news for you.

Rundown on risk: Untangling security

Some pundits view IT security today as immature, insecure and out of control. Every organization should develop internal expertise in this area.

Review: Qwik-Fix Pro

Qwik-Fix tries to prevent malware from attacking your computer by hardening Windows. In some cases, this fixes vulnerabilities months before Microsoft releases patches.

Review: Metasploit Framework

Think it's tough to exploit a buffer overflow in Windows? Download this tool and you might change your mind.

Intel, Oracle boost Liberty Alliance

The Liberty Alliance Project, the non-profit trade group organized to develop open standards and tools for federated network identity, has added some more industry heavyweights to its ranks. Intel and Oracle were among seven organizations that joined as sponsor members recently.

RSA eases security process for Java developers

RSA's Bsafe SWS-J may spell relief for Java coders working on Web services applications. The new product provides security mechanisms based on the Oasis WS-Security standard that developers can simply add to their application.