software security

Latest Headlines

HP's new enterprise security tools detect malware phoning home, software bugs

HP unveiled on Wednesday new enterprise security tools that can detect communications between malware and a remote server as well as uncover bugs in enterprise software using machine learning.

Static analysis market anything but static

The static analysis market is taking off, fueled by the increasing development and use of software by enterprises, according to market research firm VDC Research.

Software is getting sloppier

Software has never been very secure, they say, but it may be getting even less so. An analysis by security firm Veracode recently found that 70 percent of applications fail to comply with security policies, beating out last year's 60 percent.

Developers, security pros and the quest to get along

Do your developers and security gurus get along great? If so, move along, there's nothing to see here.

Barclays tries new way to test software

Large enterprises that test software as a central function tend to manage the tests with repeatable, factory-like methods. Barclays Bank is among the pioneers of a new approach that enables testers to react, learn and adapt to situations as they evolve, reports Matthew Heusser at CIO magazine.

Do bug bounties make the Internet more secure?

Some big names in software have been offering bounties to researchers who find security vulnerabilities in their programs, while other big software makers forgo the tactic. Mozilla, PayPal and Google have shelled out a lot of cash for bugs, while Microsoft, Apple and Adobe prefer not to pay for such discoveries. Do the bug bounty programs make the Internet any more secure, asks Kim Zetter at Wired.

Apple could take a tip from Microsoft on responsiveness

No software vendor is immune from selling flawed code, but some vendors handle their vulnerabilities better than others.

The costs and benefits of Microsoft's Secure Development Lifecycle

Last year Microsoft (NASDAQ: MSFT) saw its lowest level of critical vulnerabilities in five years, which was at least partially a function of the Secure Development Lifecycle component of its

Researchers expose security holes in SCADA systems

Manufacturing plants and critical infrastructure facilities may have received a rude awakening last week when researchers released exploit modules after finding major security flaws in industrial

Businesses hold third-party software to lower standards

There is a widening gap between the quality standards that businesses apply to the software they develop in-house and the software they get from other providers. Seventy percent of companies conduct