Measuring the effectiveness of application security policies

Monday, 6 February 2006, 12:37 AM EST

It's easy for software vendors to insist that their products are safe, simply by pointing to the small numbers of vulnerabilities detected. But, as David Chisnall notes, statistics lie: Just because a package has few REPORTED vulnerabilities, that doesn't mean that it actually HAS few vulnerabilities, or address the severity of the holes that are reported. In this article Chisnall argues the true measure of security is what happens once a vulnerability is found.

At InformIT.

[ Read more ]




Spotlight

Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //