Software Quality Web application security -- How to prevent attacks:
Web application security -- How to prevent attacks
The battle against hackers is a difficult one. An attacker needs to find only one vulnerability to break in, while you need to find all of them to keep him out. That may seem like an impossible task, but if you can think like an attacker you can block his entry before he gets there. This guide introduces you to popular Web application attacks and provides tips, techniques and advice for keeping the bad guys out.
New in this guide
- Static analysis tool helps software engineers find bugs during builds (Web application security tools and services)
- Web security: Web services an overlooked entry point for attacks (Web services security)
Developers and designers have their own techniques for making sure software doesn't have security flaws. Learn how code reviews and source code analysis can help identify vulnerabilities.
Software testers have a number of different tests at their disposal to help identify security flaws, including input validation, penetration testing, white box testing and black box testing. Learn about what they do and how to run them.
Security features, like other features in software, are initiated in the requirements elicitation and analysis phase. Learn how to use threat modeling and misuse cases, among other techniques, to determine security features that ought to be included.
Before you can protect your Web application, you need to know what you're protecting it from. Learn what attacks are most prevalent and the damage they can do.
In many cases, tools can help detect security flaws and advise on how to fix them. Here's a look at some of the tools available -- free and paid.