Software Security Assurance Update

SPOTLIGHT ON: Software Security Assessments

 Volume 3, Issue 1

Greetings from SSA Update, a quarterly newsletter from Ounce Labs that covers the developing arena of Software Security Assurance. This issue presents actionable information on the people, processes, and technology required for effective software security assessments.

IN THIS ISSUE:

SPOTLIGHT ARTICLES
New Research Report: Opening the Black Box

Homeland Security and Software Security:
News from the Software Assurance Forum

Tapping Third Party Services for Software Security
Assurance
Dispatches from the RSA Conference

Q&A With Jeff Williams, chairman of OWASP
CEO of Aspect Security

IN THE NEWS
Audio Postcast from RSA: Victor Garza interviews
Ounce Labs' CTO and founder Jack Danahy, InfoWorld
Building Better Applications: Beyond Secure Coding
EnterpriseSystems

OUNCE POLL

UPCOMING EVENTS

SPOTLIGHT ARTICLES

New Research Report: Opening the Black Box

This important new research examines results of a detailed security analysis of some of the most downloaded open source applications and outlines the best methods for uncovering and eliminating software vulnerabilities.
Click here for full article


Homeland Security and Software Security: News from the Software Assurance Forum

The semi-annual Software Assurance Forum, co-sponsored by the Department of Homeland Security and the Department of Defense, was held recently in Washington, D.C. Read this overview of software assurance initiatives and best practices presented at the Forum.
Click here for full article
 

Tapping Third Party Services for Software Security Assurance

Increasingly, organizations are turning to third party resources to provide services for software security auditing and consulting. This article outlines the drivers behind this trend and highlights the approach of one of the leading firms in this arena, Crowe Chizek.
Click here for full article
 

Dispatches from the RSA Conference

Application security was front and center at the annual RSA Conference in February. Read this report with highlights from the world’s largest security conference.
Click here for full article
 
Read a brief Q&A Jeff Williams, chairman of OWASP and CEO of Aspect Security, sat down recently for a brief conversation with SSA Update about the evolving state of software security, best practices, and practical steps forward.

IN THE NEWS

Audio Postcast from RSA: Victor Garza interviews Ounce Labs' CTO and founder Jack Danahy
InfoWorld journalist Victor Garza took a few moments on the floor of the RSA Conference to discuss the latest trends in software security with the Ounce Labs founder and CTO.

Building Better Applications: Beyond Secure Coding, Enterprise Systems Journal
Journalist Mathew Schwartz examines the culture of insecure coding, and the processes and technologies that are available to address the fundamental design, policy, and coding flaws that all must be addressed to ensure the security of an application.

What group in your organization holds primary responsibility for application security? [select one]
IT Security
Development
IT Audit
All of the above
Other


OUNCE ANNOUNCES

 February 14, 2006
OUNCE LABS AND ASPECT SECURITY PUBLISH REPORT ON OPEN SOURCE VULNERABILITY ANALYSIS

February 14, 2006
MFS INVESTMENT MANAGEMENT CHOOSES OUNCE LABS FOR SOFTWARE SECURITY ASSURANCE

February 14, 2006
OUNCE LABS SOLUTIONS CHOSEN BY CROWE CHIZEK TO BUILD NEW SOFTWARE SECURITY ASSURANCE PROGRAMS

UPCOMING EVENTS

 May 1-4, 2006
Systems & Software Technology Conference
Salt Palace Convention Center
Salt Lake City, UT
Booth #202

June 6-7, 2006
Gartner IT Security Summit
Marriott Wardman Park Hotel
Washington, DC
Platinum Sponsor
Ounce Labs  |  100 Fifth Avenue  |  Waltham, MA 02451  |  www.ouncelabs.com  |  866-33-OUNCE