“It will never happen to me” - thoughts about security awareness

Mar 28, 2013 By carolineb

Today’s targeted cyber-attacks force organizations to act rapidly and to involve more and more security professionals in securing their software. Security awareness education, in turn, focuses on the need to involve developers in the security testing process. Below are some great blog posts on security awareness and education that we thought were worth sharing.

Security Awareness Training

By Bruce Schneier, March 27, 2013

Should companies spend money on security awareness training for their employees? It’s a contentious topic, with respected experts on both sides of the debate. I personally believe that training users in security is generally a waste of time, and that the money can be spent better elsewhere. Moreover, I believe that our industry’s focus on training serves to obscure greater failings in security design.


Developers and QA doing security testing: I’ve got management buy-in, now what?

By Dan Cornell, March 18, 2013

One of the things I do is answer questions as an “expert” for the web site SearchSoftwareQuality.com and they recently posted an answer I gave to a question about how to get developers and quality assurance folks to do security testing. You can see my blog post about this here as well as the original question and answer here. After I posted this online, Aaron Weaver on Twitter asked a great question: “What else beside management buy-in?”
