The Depository Trust & Clearing Corporation (DTCC) is the world’s largest financial services post-trade infrastructure organization, having cleared and settled more than $1.4 quadrillion (USD) worth of securities in 2005. In the highly competitive financial services industry, the secure processing of transactions is vital to DTCC's success, which is why DTCC integrated security testing into the application development processes.
Read More
|
Businesses are being held increasingly accountable for their business application security—by customers, partners, and government. Unfortunately, most businesses are playing catch-up with security. What’s really needed are processes that fix the software development cycle by weaving security expertise into software acquisition, development, and deployment. Businesses that don’t take a process-oriented approach today may end up chasing application security forever.
Read More
|
In searching for tools to implement an effective application-security strategy, managers have a choice between two technological approaches: dynamic analysis and static analysis. Available in a variety of freeware and commercial automated tools, both approaches promise comprehensive detection of security vulnerabilities. But a truly effective strategy may require a mix of both.
Read More
|
Application security is an important emerging requirement in software development. This article introduces CLASP, an application security process and plug-in to IBM 's Rational Unified Process environment. It was developed by Secure Software, and gives organizations a structured way to address security concerns during the software development lifecycle.
Read More
|