Resources: SDLC

Showing Resources: 1-10 of 13

The Path to a Secure Application

A Source Code Security Review Checklist

Global Telecommunications Provider Builds Security into the SDLC at Low Cost & High Value

Code review is a well-regarded practice for improving quality and security, but it has historically been a seldom-applied technique because of its cost in time and resources. Through the tailored use of the Ounce tools and their output, it is now practical to perform security analysis ...

Secure at the Source

Implementing Source Code Vulnerability Testing in the SDLC

FAQ: Secure Programming

Frequently Asked Questions about the most effective ways to include source code analysis in a secure development process

FAQ: Application Security Testing and Assessment

Frequently Asked Questions about the application security testing and assessment process

Global Defense Systems Integrator Secures the Development Life Cycle

A global defense systems integrator initiated a secure coding initiative program to select and deploy a solution that would add software security best practices throughout the development lifecycle. ...

WEBCAST: The Path to a Secure Application

Ryan Berg, Chief Scientist for Ounce Labs, discusses the critical areas in source code that must be reviewed to find and eliminate the flaws that threaten private data.

PODCAST: Vulnerabilities in the Spring Framework

Two leading researchers from the Ounce Labs Advanced Research Team discuss their recent documentation of two vulnerabilities in the commonly used Spring framework that is utilized for creating dynamic, robust, highly scalable Web applications in Java.

WEBCAST: Software Security Governance in the SDLC: A Practical Approach

Anthony Gerkis of Accenture and Jack Danahy of Ounce Labs discuss best practices to manage and measure security in the SDLC

Software Security Governance in the Development Lifecycle

A Practical Guide from Accenture and Ounce Labs