Security Systems Engineering Approach in Evaluating Commercial and Open Source Software Products

"The use of commercial and free open source software (FOSS) is becoming more common in commercial, corporate, and government settings as they develop complex systems. This carries a set of risks until the system is retired or replaced. Unfortunately, during project development, the amount of security resources and time necessary to accommodate proper security evaluations is usually underestimated. Also, there is no widely used or standardized evaluation process that engineers and scientists can utilize as a guideline. Therefore, the evaluation process usually ends up lacking or widely different from project to project and company to company. This paper provides a suggested evaluation process and a set of methodologies, along with associated costs and risks that projects can utilize as a guideline when they integrate commercial and FOSS products during system development life cycle (SDLC)."

Spotlight

TIBCO LogLogic

LogLogic is the provider of industry’s only scalable log and security intelligence platform for the enterprise and cloud. LogLogic, with over 1300 customers, provides solutions that allow customers to collect and analyze terabytes of big data generated by their IT assets and gives Security, IT Ops, and Compliance professionals actionable information at their fingertips to identify issues proactively and make insightful decisions, and also get compliant with various regulations. Currently, LogLogic customers are leveraging its solutions to manage over 1,000 Petabytes (or 1 Exabyte) of data.

OTHER WHITEPAPERS

Cloud Native Security Model

whitePaper | December 23, 2022

Moving to the cloud is more than a technical transition to a new platform. It is a core part of an enterprise's growth strategy and while strategically important, it can also be potentially disruptive.


Veritas Alta SaaS Protection

whitePaper | January 25, 2023

Veritas Alta™ SaaS Protection (formerly known as Netbackup SaaS Protection) is a cloud-based secondary storage platform for enterprise organizations to centrally protect, analyze, search, and manage all types of SaaS application data at any scale.


Threat Connect Cyber Survey Report

whitePaper | January 4, 2022

Whether you are in financial services, farming, or public infrastructure, the security threat to organizations has never been greater. Today, almost every company is a technology company in some shape or form and this can be a soft underbelly - open to attack. Cyber risk is the fastest-growing risk faced by businesses globally. A wide range of statistics and sources make it clear that attackers have become even more proficient over recent years, using automation to exploit vulnerabilities at an accelerated pace and frequency. Threats are even more widespread and complex than before.


Building the next generation of security and privacy professionals

whitePaper | October 4, 2022

Organizational practices in the digital age are inevitably linked to the processing of data, and built upon the systems that support these efforts. Collectively, cybersecurity and privacy professionals are responsible for guiding and implementing organizational decisions that ensure data is collected, processed, protected and shared consistent with evolving norms.


Check The Locks

whitePaper | October 4, 2022

Organizations have invested millions towards improved information security since the start of the pandemic, which galvanized a worldwide explosion of cybercrime. C-suites are increasingly recognizing cybersecurity as a business risk, viewing its necessity as more than just an IT problem.


Supply Chain Security in MongoDB’s Software Development Lifecycle

whitePaper | May 25, 2022

Cybersecurity breaches do more than expose data to malicious actors. They generate headlines, captivate the public’s attention, and shine a light on security gaps. Whether it’s weak passwords or the software supply chain, if a vulnerability exists, cybercriminals will exploit it.
