Ask The Software Quality Expert: Questions & Answers

Old problems persist in Web 2.0 security practices

QUESTION:
What's the next big thing with Web application security?



EXPERT RESPONSE FROM: Kevin Beaver

ANSWERED January 2010:

As much as Web 2.0 and cloud are getting the spotlight, I still believe that we haven't gotten our arms around the basics of Web security. Be it OWASP adoption, integrating security in the SDLC, or getting developers/QA staff the proper security training, we've still got a long way to go. Unless and until we can address the basics with input validation, securely logging in users, and controlling who can do what/where inside the application, we're not going to be able to move on to the next big thing and feel good about it.

While no one could claim to have a completely accurate estimation of what the future has in store for Web 2.0 applications or their security, I strongly suggest that serious developers for Web 2.0 applications keep their understanding fresh and relevant. To help you build and maintain these skills, I have assembled a list of helpful tips and tutorials (located below) on Web 2.0 applications.




All Rights Reserved, Copyright 2006 - 2010, TechTarget