Prevention techniques for developers-designers

All-in-One Guides:Web application security -- How to prevent attacks

Prevention techniques for developers-designers

Developers and designers have their own techniques for making sure software doesn't have security flaws. Learn how code reviews and source code analysis can help identify vulnerabilities.

Browse SubCategories:

Code review:

1 - 3 of 3

  • PCI DSS compliance: Code review

    Learning Guide -  Code review is a broad security concept and those looking at this option for compliance will find plenty of expert information on the types of code review in this section of the guide.

  • PCI DSS compliance: WAF, code review or both?

    Ask the Expert -  Complying with PCI DSS requirement 6.6 means installing a Web application firewall or conducting a code review. Application security expert Caleb Sima explains which option is best and how to get the most out of your app sec program.

  • The realities of PCI DSS 6.6 application code reviews

    Tip -  Code reviews are one way to comply with Requirement 6.6 of the PCI Data Security Standard (DSS). Kevin Beaver explains what you need to consider if you select this option.

Source code analysis:

1 - 3 of 9

  • Code analysis: Which tool is right for you?

    Ask the Expert -  Code scanners are excellent application security tools. Expert Brad Arkin explains which features security professionals should consider when choosing a code analysis tool.

  • Application security increased by static and dynamic code analysis

    Tip -  Integrating security measures into the software development life cycle (SDLC) is crucial Web application security. One of these measures is source code analysis, which includes both static and dynamic analysis.

  • How static analysis can improve software security

    05 Jun 2007

    Interview -  Fortify's Brian Chess talks about his upcoming book, Secure Programming with Static Analysis, and progress that has been made toward making security part of the software development life cycle (SDLC).

VIEW ALL IN THIS CATEGORY

The basics:

1 - 2 of 2

  • Developers get bigger role in software quality, security

    28 Jan 2008

    Article -  In the continuing drive to address quality and security earlier in the software development lifecycle (SDLC), two thought leaders in the automated source code analysis market -- Klocwork and Ounce Labs -- are targeting new releases at the developer.

  • Beginning a Java security career

    Ask the Expert -  A career in Java security starts with a thorough knowledge of Java's unique security structure. Expert Ramesh Nagappan advises how to learn application security development in Java.