| How to Write Apps Without the Security Sinkholes |
- CSO Senior Editor Bill Brenner interviews Gary McGraw and Sammy Migues from Cigital and Brian Chess from Fortify about their new maturity model for secure applications. The "Building Security In Maturity Model" was developed in collaboration with Cigital as a set of benchmarks for establishing and growing an enterprise-wide software security program.
- Listen to Podcast
|
| An Alternative to Risk Management for Information and Software Security |
- In association with CERT, Brian Chess, Founder and Chief Scientist at Fortify Software, shows that the concept of risk is a poor foundation for tackling software security and assurance, a view which runs counter to popular wisdom. In this podcast, Brian presents an alternative approach drawing from what has worked well in other disciplines: standards, compliance, and process.
- Listen to Podcast
|
| Application Security Over-Confidence: Facts & Myths Revealed for Banking Institutions |
- Application security is a key focus of regulatory agencies. In a recent survey targeting the Banking industry conducted by Information Security Media Group, respondents say they are more confident in their own applications vs. those developed by third-party service providers ... yet, they really don't demonstrate vulnerability assessment or remediation processes to justify any level of confidence. In this exclusive interview, Roger Thornton, founder and CTO of Fortify Software, comments on the survey results and his own market perspective.
- Listen to Podcast
|
| Brian Chess and Jacob West Talk E-voting security with Robert Vamosi of CNET |
- Co-authors of Fortify's new report about E-voting security talk with Robert Vamosi of CNET. Brian Chess and Jacob West draw parallels between the electronic systems handling our votes and those that handle our financial transactions. They conclude with several ways the federal and state governments can work with voting machine vendors to adopt Software Security Assurance techniques into the systems they create.
- Listen to Podcast
|
| Software Vulnerabilities with eVoting |
- Fortify Software conducted a candid interview with Avi Rubin, Professor at Johns Hopkins University and specialist in the field of eVoting security risks. He discusses the concerns around software security as well as the voting solutions surrounding software independence.
- Listen to Podcast
|
| How Europe's largest e-commerce business secures its applications |
- Adrian Asher, Chief Security Officer at Betfair, an online UK betting exchange, explains how he manages a “culture of security” and protects the Betfair brand in this 20-minute candid interview.
- Listen to Podcast – Registration required
|
| Securing Your Brand and Guarding Your Image |
- With 1,000 transactions per second and almost $4,000 a minute changing hands, guarding Betfair’s trusted brand drives the UK betting exchange’s security and image strategies, says Chief Security Officer Adrian Asher. Hear how he manages a culture of security across his fast-growing company in this 20-minute candid interview.
- Listen to Podcast – Registration required
|
| Howard Schmidt, Former CSO for Microsoft and eBay and Former White House Cyber Security Czar |
- With an extensive background in police, military, government, and industry security, Howard Schmidt explains how to respond to the changing landscape of cyber threats and how business leaders are helping set the standards for application security. He then profiles industry role models who are setting the standard for application security.
- Listen to Podcast – Registration required
|