IN THIS ISSUE:
SPOTLIGHT ARTICLES
 Auditing for Software Security: Announcing a New Software Security Audit Framework
 Software Risk and Regulatory Compliance: At-A-Glance Guides
 CIO Magazine: The Seven Critical Questions About Software Risk
 Ounce Product Highlights: Automating, Measuring and Managing Software Risk
 Q&A With Rick Rosenburg, Managing Partner, Defense and Intelligence, Unisys U.S. Federal Government Group
IN THE NEWS
 Finding Flaws in Old Application Code, InformationWeek
OUNCE POLL
UPCOMING EVENTS
SPOTLIGHT ARTICLES
Auditing for Software Security: Announcing a New Software Security Audit Framework
Read this introduction to a groundbreaking new software security audit guide, written by Charles Le Grand, one of the most trusted names in information assurance and auditing. The Framework is intended to help organizations understand the processes, controls, stakeholders, and due care necessary for measuring and managing software risk.
Software Risk and Regulatory Compliance: At-A-Glance Guides
With the rising implementation of internal frameworks such as COSO and CobiT, understanding the intersection of those controls with regulatory requirements such as FISMA, SarbOX, and GLBA has become critical. Ounce Labs' new series of compliance guides illustrates at a glance how Software Security Assurance initiatives align with the requirements of necessary and sufficient internal controls and regulatory compliance.
Executive Call to Action: "Is Your Software Putting You At Risk?"
Originally published in CIO and CSO Magazines, this article features perspectives from industry experts, executives, and representatives from the Department of Homeland Security about the need for executive-level involvement in software security assurance. It features the Seven Critical Questions about Software Risk that executives must ask in their organization to assess and manage that risk appropriately.
Ounce Product Highlights: Automating, Measuring and Managing Software Risk
Audit reporting. Policy Enforcement. Trend reporting. Take a quick look at some of the Ounce Labs product features that can help you in your software security assurance efforts. Includes a sneak peek at SmartTrace, an interactive call graph trace capability featured in our upcoming Fall release of Prexis v3.2!
Read a brief Q&A
Rick Rosenburg, Managing Partner, Defense and Intelligence, Unisys U.S. Federal Government Group, recently spoke with Ounce Labs about their work helping Federal agencies achieve FISMA compliance, the importance of software security assurance in that arena, and the value of the Unisys/Ounce Labs partnership in their compliance and risk management work.
IN THE NEWS
Finding Flaws in Old Application Code
InformationWeek covers the release of the new software security audit framework authored by Charles Le Grand, CISA, CIA, and sponsored by Ounce Labs.

What factors are driving your concern for measuring and managing software risk? (check all that apply)

OUNCE ANNOUNCES

UPCOMING EVENTS