There are a tremendous number of resources available for organizations wanting to test the security of software or build secure software from the ground up. A critical area that is often overlooked is how organizations can address the existing vulnerabilities in their software portfolios.
We do a lot of software seurity remediation projects at Denim Group so we put together a how-to-guide based on our experiences:
The guide lays out a project structure for remediation and has tips and recommendations drawn from our work with a variety of organizations struggling with huge volumes of security vulnerabilities. It steps through the major phases: Inception, Planning and Execution and looks at what teams can do in order to most efficiently reduce their exposure and risk due to vulnerable software.
You can also download the Remediation How-To-Guide as a PDF.
dan _at_ denimgroup.com