Thinking about security from the beginning

Bugs have always been a part of software, but new pressures appear to be motivating programmers to give more thought to security early in the development process. To provide some ideas on how to make sure security is an integral part of the code written for your company, CSO offers a list of timely columns, articles and other resources.

MidAmerican Energy Co., the largest utility in Iowa, presents one case study on how to make sure security is built into software from the beginning. After its website was attacked via an SQL injection flaw about a year ago, MidAmerican reviewed its entire security environment, CSO's Bill Brenner writes. The number one problem, it discovered, was in the code running its applications for online billing, power distribution and many other operations.

The utility company found that its quality-assurance procedures could use some improvement, and it developed an application security program to include with QA. After the IT staff determined that they needed to review all of the company's code, MidAmerican purchased a code-review tool that scanned 900,000 lines of code in a month.

Most significantly, programmers at MidAmerican now make security a part of their job from the outset, Brenner reports.

For more:
- see Bill Brenner's article at CSO
- see CSO's list of code security resources
