Technology Transfer: A Software Security Marketplace Case Study

This paper presents the software security (application security) solutions. It is an idea of engineering software so that it continues to function correctly under malicious attack. Although as a discipline software security is relatively young, much progress has been made on ways to integrate securi...

Full description

Saved in:
Bibliographic Details
Published in:IEEE software 2011-09, Vol.28 (5), p.9-11
Main Author: McGraw, G.
Format: Article
Language:English
Subjects:
Alliances
Applied sciences
Best practice
Best practices
Case studies
code review
Computer programs
Computer science
control theory
systems
Computer security
Cybersecurity
Data encryption
Engineering
Exact sciences and technology
Government grants
Memory and file management (including protection and security)
Memory organisation. Data processing
Network security
R&D
Research & development
Risk assessment
Security
Software
Software engineering
Software industry
software security
Technology transfer
Venture capital
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703
cites cdi_FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703
container_end_page 11
container_issue 5
container_start_page 9
container_title IEEE software
container_volume 28
creator McGraw, G.
description This paper presents the software security (application security) solutions. It is an idea of engineering software so that it continues to function correctly under malicious attack. Although as a discipline software security is relatively young, much progress has been made on ways to integrate security best practices into the software development life cycle. Microsoft, for example, has helped spearhead soft ware security through its Trustworthy Computing Initiative and the resulting Security Development Lifecycle (SDL). Cigital has also been instrumental in bringing software security to the wider market through its professional services.
doi_str_mv 10.1109/MS.2011.110
format article
fullrecord <record><control><sourceid>proquest_pasca</sourceid><recordid>TN_cdi_pascalfrancis_primary_24426395</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5984788</ieee_id><sourcerecordid>1671343975</sourcerecordid><originalsourceid>FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703</originalsourceid><addsrcrecordid>eNqFkE1LAzEQhoMoWKsnj14WQRBkNZ-bxIuU4hdYPLSel5hMdHXbrckusv_eLC0evMgchmGeeWfmReiY4EtCsL6azS8pJmQodtCIaCZzTjTfRSMsOc4lF3ofHcT4gTEWhOERulmAfV81dfPWZ4tgVtFDuM4m2bzx7bcJkM3BdqFq-2xmwie069pYyKYmpk7buf4Q7XlTRzja5jF6ubtdTB_yp-f7x-nkKbdMFm3uOQhBvMQpGPACqBVceVMopYQTShjsnPPCUiedIUpzrA0G5yjY4lViNkbnG911aL46iG25rKKFujYraLpYkkISxpmW4n8UJ6sIpWlgjE7_oB9NF1bpkVIpRotCsmH1xQayoYkxgC_XoVqa0CelcrC9nM3LwfahSPTZVtJEa2qfPLVV_B2hnNOC6eHKkw1XAcBvW2jFZVr9A1gkiDU</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>883266730</pqid></control><display><type>article</type><title>Technology Transfer: A Software Security Marketplace Case Study</title><source>ABI/INFORM Global</source><source>IEEE Xplore (Online service)</source><creator>McGraw, G.</creator><creatorcontrib>McGraw, G.</creatorcontrib><description>This paper presents the software security (application security) solutions. It is an idea of engineering software so that it continues to function correctly under malicious attack. Although as a discipline software security is relatively young, much progress has been made on ways to integrate security best practices into the software development life cycle. Microsoft, for example, has helped spearhead soft ware security through its Trustworthy Computing Initiative and the resulting Security Development Lifecycle (SDL). Cigital has also been instrumental in bringing software security to the wider market through its professional services.</description><identifier>ISSN: 0740-7459</identifier><identifier>EISSN: 1937-4194</identifier><identifier>DOI: 10.1109/MS.2011.110</identifier><identifier>CODEN: IESOEG</identifier><language>eng</language><publisher>Los Alamitos, CA: IEEE</publisher><subject>Alliances ; Applied sciences ; Best practice ; Best practices ; Case studies ; code review ; Computer programs ; Computer science; control theory; systems ; Computer security ; Cybersecurity ; Data encryption ; Engineering ; Exact sciences and technology ; Government grants ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Network security ; R&amp;D ; Research &amp; development ; Risk assessment ; Security ; Software ; Software engineering ; Software industry ; software security ; Technology transfer ; Venture capital</subject><ispartof>IEEE software, 2011-09, Vol.28 (5), p.9-11</ispartof><rights>2015 INIST-CNRS</rights><rights>Copyright IEEE Computer Society Sep/Oct 2011</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703</citedby><cites>FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/883266730?pq-origsite=primo$$EHTML$$P50$$Gproquest$$H</linktohtml><link.rule.ids>314,777,781,11669,27905,27906,36041,36042,44344,54777</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&amp;idt=24426395$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><creatorcontrib>McGraw, G.</creatorcontrib><title>Technology Transfer: A Software Security Marketplace Case Study</title><title>IEEE software</title><addtitle>S-M</addtitle><description>This paper presents the software security (application security) solutions. It is an idea of engineering software so that it continues to function correctly under malicious attack. Although as a discipline software security is relatively young, much progress has been made on ways to integrate security best practices into the software development life cycle. Microsoft, for example, has helped spearhead soft ware security through its Trustworthy Computing Initiative and the resulting Security Development Lifecycle (SDL). Cigital has also been instrumental in bringing software security to the wider market through its professional services.</description><subject>Alliances</subject><subject>Applied sciences</subject><subject>Best practice</subject><subject>Best practices</subject><subject>Case studies</subject><subject>code review</subject><subject>Computer programs</subject><subject>Computer science; control theory; systems</subject><subject>Computer security</subject><subject>Cybersecurity</subject><subject>Data encryption</subject><subject>Engineering</subject><subject>Exact sciences and technology</subject><subject>Government grants</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Network security</subject><subject>R&amp;D</subject><subject>Research &amp; development</subject><subject>Risk assessment</subject><subject>Security</subject><subject>Software</subject><subject>Software engineering</subject><subject>Software industry</subject><subject>software security</subject><subject>Technology transfer</subject><subject>Venture capital</subject><issn>0740-7459</issn><issn>1937-4194</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2011</creationdate><recordtype>article</recordtype><sourceid>M0C</sourceid><recordid>eNqFkE1LAzEQhoMoWKsnj14WQRBkNZ-bxIuU4hdYPLSel5hMdHXbrckusv_eLC0evMgchmGeeWfmReiY4EtCsL6azS8pJmQodtCIaCZzTjTfRSMsOc4lF3ofHcT4gTEWhOERulmAfV81dfPWZ4tgVtFDuM4m2bzx7bcJkM3BdqFq-2xmwie069pYyKYmpk7buf4Q7XlTRzja5jF6ubtdTB_yp-f7x-nkKbdMFm3uOQhBvMQpGPACqBVceVMopYQTShjsnPPCUiedIUpzrA0G5yjY4lViNkbnG911aL46iG25rKKFujYraLpYkkISxpmW4n8UJ6sIpWlgjE7_oB9NF1bpkVIpRotCsmH1xQayoYkxgC_XoVqa0CelcrC9nM3LwfahSPTZVtJEa2qfPLVV_B2hnNOC6eHKkw1XAcBvW2jFZVr9A1gkiDU</recordid><startdate>20110901</startdate><enddate>20110901</enddate><creator>McGraw, G.</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>IQODW</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>3V.</scope><scope>7WY</scope><scope>7WZ</scope><scope>7XB</scope><scope>87Z</scope><scope>88F</scope><scope>88I</scope><scope>88K</scope><scope>8AL</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>8FL</scope><scope>8G5</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>FRNLG</scope><scope>F~G</scope><scope>GNUQQ</scope><scope>GUQSH</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K60</scope><scope>K6~</scope><scope>K7-</scope><scope>L.-</scope><scope>L6V</scope><scope>M0C</scope><scope>M0N</scope><scope>M1Q</scope><scope>M2O</scope><scope>M2P</scope><scope>M2T</scope><scope>M7S</scope><scope>MBDVC</scope><scope>P5Z</scope><scope>P62</scope><scope>PQBIZ</scope><scope>PQBZA</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>Q9U</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>20110901</creationdate><title>Technology Transfer: A Software Security Marketplace Case Study</title><author>McGraw, G.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Alliances</topic><topic>Applied sciences</topic><topic>Best practice</topic><topic>Best practices</topic><topic>Case studies</topic><topic>code review</topic><topic>Computer programs</topic><topic>Computer science; control theory; systems</topic><topic>Computer security</topic><topic>Cybersecurity</topic><topic>Data encryption</topic><topic>Engineering</topic><topic>Exact sciences and technology</topic><topic>Government grants</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Network security</topic><topic>R&amp;D</topic><topic>Research &amp; development</topic><topic>Risk assessment</topic><topic>Security</topic><topic>Software</topic><topic>Software engineering</topic><topic>Software industry</topic><topic>software security</topic><topic>Technology transfer</topic><topic>Venture capital</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>McGraw, G.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>Pascal-Francis</collection><collection>CrossRef</collection><collection>ProQuest Central (Corporate)</collection><collection>ABI/INFORM Collection</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection</collection><collection>Military Database (Alumni Edition)</collection><collection>Science Database (Alumni Edition)</collection><collection>Telecommunications (Alumni Edition)</collection><collection>Computing Database (Alumni Edition)</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection (Alumni Edition)</collection><collection>Research Library (Alumni Edition)</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Business Premium Collection</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Business Premium Collection (Alumni)</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>ProQuest Central Student</collection><collection>Research Library Prep</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Business Collection (Alumni Edition)</collection><collection>ProQuest Business Collection</collection><collection>Computer Science Database</collection><collection>ABI/INFORM Professional Advanced</collection><collection>ProQuest Engineering Collection</collection><collection>ABI/INFORM Global</collection><collection>Computing Database</collection><collection>Military Database (Proquest)</collection><collection>Research Library</collection><collection>ProQuest Science Journals</collection><collection>Telecommunications Database</collection><collection>Engineering Database</collection><collection>Research Library (Corporate)</collection><collection>Advanced Technologies &amp; Aerospace Database</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>One Business</collection><collection>ProQuest One Business (Alumni)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>ProQuest Central Basic</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology &amp; Engineering</collection><collection>Engineering Research Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE software</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>McGraw, G.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Technology Transfer: A Software Security Marketplace Case Study</atitle><jtitle>IEEE software</jtitle><stitle>S-M</stitle><date>2011-09-01</date><risdate>2011</risdate><volume>28</volume><issue>5</issue><spage>9</spage><epage>11</epage><pages>9-11</pages><issn>0740-7459</issn><eissn>1937-4194</eissn><coden>IESOEG</coden><abstract>This paper presents the software security (application security) solutions. It is an idea of engineering software so that it continues to function correctly under malicious attack. Although as a discipline software security is relatively young, much progress has been made on ways to integrate security best practices into the software development life cycle. Microsoft, for example, has helped spearhead soft ware security through its Trustworthy Computing Initiative and the resulting Security Development Lifecycle (SDL). Cigital has also been instrumental in bringing software security to the wider market through its professional services.</abstract><cop>Los Alamitos, CA</cop><pub>IEEE</pub><doi>10.1109/MS.2011.110</doi><tpages>3</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0740-7459
ispartof IEEE software, 2011-09, Vol.28 (5), p.9-11
issn 0740-7459
1937-4194
language eng
recordid cdi_pascalfrancis_primary_24426395
source ABI/INFORM Global; IEEE Xplore (Online service)
subjects Alliances
Applied sciences
Best practice
Best practices
Case studies
code review
Computer programs
Computer science
control theory
systems
Computer security
Cybersecurity
Data encryption
Engineering
Exact sciences and technology
Government grants
Memory and file management (including protection and security)
Memory organisation. Data processing
Network security
R&D
Research & development
Risk assessment
Security
Software
Software engineering
Software industry
software security
Technology transfer
Venture capital
title Technology Transfer: A Software Security Marketplace Case Study
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-19T21%3A04%3A06IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_pasca&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Technology%20Transfer:%20A%20Software%20Security%20Marketplace%20Case%20Study&rft.jtitle=IEEE%20software&rft.au=McGraw,%20G.&rft.date=2011-09-01&rft.volume=28&rft.issue=5&rft.spage=9&rft.epage=11&rft.pages=9-11&rft.issn=0740-7459&rft.eissn=1937-4194&rft.coden=IESOEG&rft_id=info:doi/10.1109/MS.2011.110&rft_dat=%3Cproquest_pasca%3E1671343975%3C/proquest_pasca%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c376t-f4e551f707073e46e2c548fa68885d585a0dddf5c2d7da189409a0edd2ec6b703%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=883266730&rft_id=info:pmid/&rft_ieee_id=5984788&rfr_iscdi=true