Premium Content

Access "Software lifecycle: App security still struggling to find a fit"

Published: 16 Apr 2013

I was shocked the first time I heard the words "security" and "software lifecycle" used in the same sentence. Wasn't security something that happened after the development process, not during it? My understanding of what security entailed changed forever 10 years ago, when, as a reporter covering software development, I was assigned the brand-new application security beat. Jennifer Lent And what a great beat it was. Venture capital firms were investing serious money in security startups such as Fortify Software. Along with SPI Dynamics and Watchfire, among others, Fortify advanced an idea most software professionals hadn't heard before: Instead of waiting for the security team to erect a fortress around Web applications and data, developers and testers could rely on tools -- source code analyzers and dynamic pen testers -- to help create code that was inherently harder to attack. Surely this new approach of building security into the software lifecycle could help stem the tide of high-profile data thefts that kept making headline news -- or so the thinking ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free

  • New talent management software transforming HR

    Human resources departments have long been associated with rubber stamps and reams of paper forms. But new talent management software -- technology ...

  • HTML5 rewrites the rules on website, mobile app development

    For Web and mobile application developers, advances in HTML5 mean big changes. The fifth iteration of the Hypertext Markup Language has freed ...

  • Determine if NoSQL databases are right for your organization

    NoSQL databases offer more flexible alternatives to mainstream relational software, particularly for big data applications. But NoSQL offerings ...