The most common approach to securing a web application involves doing a single security test, usually a Web Application Security Assessment, when a development project is completed. While this is still a requirement, this paper discusses why security needs to be incorporated earlier and throughout the software development life cycle (SDLC). 

HP QAInspect delivers automated security information that QA professionals and software testers can access at any point in the application development process to identify and remediate potential security defects. 

Red Hat, the world's leading provider of open source solutions, is committed to utilizing the principles of open source to provide enterprise-level security to its customers. This paper reviews open source software development principles and process and how those lead to more secure software. 

Blue Coat ProxyClient extends Blue Coat's visionary application delivery infrastructure to include all of these use cases - from any network, any device, and to any application - keeping users productive wherever the business takes them. 

Building security into the software development lifecycle takes more than just a plan. You need the support of both the development and security/audit organizations to make it work. This podcast, featuring Diana Kelley, presents a plan for selling the value of security to all of the constituencies who matter in your organization. 

Watch this webcast to view a virtual tour of CodePro AnalytiX™ to see the power of automating Java software testing throughout your Eclipse-based development project. You will also learn how to automate Java software quality and security testing from each developer’s desktop or during your nightly build. 

As USB devices have evolved into useful storage media, they've also turned into a security nightmare for organizations. Read how to embrace this technology to aid in the reduction of operating costs and effectively protect data by enforcing removable device usage policies. 

Remote Encryption Management Software Development Kit (SDK) provides the tools to allow FDE or software based encrypted hard drives to be unlocked remotely out of band using vPro. This allows computers with vPro and encrypted hard drives to be managed out-of-band. Learn more about this SDK and download your free copy today. 

For organizations trying to shore up network defenses, it's important to understand how the security threat landscape has evolved. Only then is it possible to determine the best use of network-security solutions -- particularly Intrusion Prevention Systems (IPS) -- to block ongoing and future waves of attacks. Read on to learn more. 

In this E-Guide, independent security expert Shon Harris reviews SLAs, their purpose, and recommended requirements. Also included is a 14 point checklist which outlines core items that must be understood, communicated and agreed upon before signing a contract with any MSSP. Read on to learn more about writing a solid SLA. 

According to recent research conducted by IBM® ISS X-Force®, more than half of all disclosed vulnerabilities in 2008 were Web application flaws. Learn how IBM Web application security solutions can help you reduce costs, manage risk and improve service. Listen to the podcast. 

This IBM white paper outlines the risks surrounding Web applications and reviews four layers of security needed in a strategy for end-to end Web protection.