Primary research papers from Securosis, released under Creative Commons licensing.
Securosis Research is developed under the Totally Transparent Research Process.
We cover application security extensively on this blog, but normally we are trying to demystify a specific technology area to help companies understand what to look for in products, and how to differentiate real capabilities from marketing fluff. But in light of recent conversations with large enterprises it has become clear that most of these firms have gaps in their security program, specifically in and around the major enterprise applications which are core to their business. This is…
The Business Justification for Data Security is one of our more important pieces of research. It describes how to evaluate data security investments, map the potential investment to your business needs, then build a business justification case. It starts with a discussion of data security issues, then reviews alternative models (and their flaws), and finishes presents our justification methodology. Attached is the Whitepaper.