The Secure Coding Collection: Volume 2

A collection of articles to help you understand efforts to work security into products from the very beginning of development.

For many years now, we've heard the experts preach about the need for more secure code writing at the very start of a product's development.

The good news is that this has led to the creation of several strong coding standards. The bad news is that it can be difficult for developers to sort through all the different guidelines in front of them.

It's not unlike the confusion IT security executives sometimes feel when trying to find the common threads floating in all the regulatory soup they've been told to drink.

To make things a bit easier, we've developed a vast collection of stories that sort through the different standards and the common elements within them all.

We covered one batch of articles in the first code security survival guide. This installment covers what we've covered in the two years since then.

Rugged DevOps: In search of the defensible infrastructure

DevOps moves too fast to build security into the process, some say. Not true, say others who believe one just needs to get a little Rugged.

In search of Rugged

Right now, the most tangible part of Rugged is its manifesto, which is aimed at developers. But to succeed, it needs to be something more. Much more.

Most companies skimp on third-party code checks, study finds

Despite all of the talk surrounding the importance of software quality, a study released today shows few companies are walking the secure development walk.

More secure software brought to you by the acronyms WRT and SQR

HP's Rafal Los on what organizations can do -- today -- to improve the security of the applications they develop.

How security can add value to DevOps

Gene Kim, award-winning entrepreneur, researcher and founder of security firm Tripwire, walks us through his vision.

Secure coding news flash: BSIMM3 coming

BSIMM3 will let organizers see how initiatives have evolved. One of its new features is the result of the group going back and re-measuring 12 of the original initiatives, to see what changes and improvements have made over time.

Copyright © 2012 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)