Resources
-
Ad: Reality Check Security Podcast
We’re happy to announce the debut of The Reality Check Security Podcast with Gary McGraw: The Reality Check Podcast with Gary McGraw focuses directly on software security practitioners and practical software security. Reality Check’s sister podcast, the Silver Bullet Security Podcast with Gary McGraw, follows a free form interview style t...
-
New podcast: Reality Check
I’m happy to announce the launch of my new podcast, the Reality Check Security Podcast with Gary McGraw: The Reality Check Podcast with Gary McGraw focuses directly on software security practitioners and practical software security. Reality Check’s sister podcast, the Silver Bullet Security Podcast with Gary McGraw, follows a free form in...
-
Publications and Presentations
The resources gathered here are designed to provide additional technical and/or background information on Cigital's approach to protecting companies from the severe business risks of failed or flawed software.
Books: Cigital's experts have authored numerous books on cutting-edge software reliability, security and quality techniques.
Publications: Hundreds of published trade and technical papers about software security, reliabilty and quality.
Software Security Articles by Cigital Experts: Software security-themed articles previously published in IEEE Security & Privacy and Network Magazine.
White Papers: Cigital experts discuss the importance of protecting your business from the severe consequences of software failure.
Also...
Cigital Java Security Rulepack: Cigital developed a set of Java custom rules for the Fortify Source Code Analyzer(version 4.5 or later) to help automate source code review. This rule pack aims to extend the existing set of supported Java rules by Fortify. It builds upon Fortify's default set of rules by checking for additional security vulnerabilities.
Virtual Forge's Security Lessons (mirror):
Example 1: Car Auction, Example 2: Online Application, Cross Site Request Forgery, Forceful Browsing