 |
 |
| The basics of Web application security testing: 1 - 3 of 4 |
|
|
|
|
Web application security testing checklist
SearchSoftwareQuality.com | 03 Feb 2009
TIP - Testing your Web application security is something that needs be taken seriously. The best way to be successful is to prepare in advance and know what to look for. Here's an essential elements checklist to help you get... |
|
Web application security testing basics
Expert: Dan Cornell | 12 Nov 2007
EXPERT RESPONSE - Static and dynamic analysis, whether manual or automated, are designed to find Web application security vulnerabilities. Dan Cornell explains how to uncover bugs through security testing. |
|
| Input validation: 1 - 2 of 2 |
|
|
|
|
The importance of input validation
SearchSoftwareQuality.com | 06 Sep 2006
TIP - Web applications are vulnerable if you don't practice input validation. Learn how to prevent application attacks such as buffer overflow, SQL injection and cross-site scripting. |
|
One simple rule to make your Web apps more secure
SearchSoftwareQuality.com | 19 Oct 2006
Q A INTERVIEW - If there's one thing developers should do to increase Web applications security, it's input validation, according to Caleb Sima, founder and CTO of SPI Dynamics. In this interview, he discusses the most dangerous... |
|
| Penetration testing: 1 - 3 of 3 |
|
|
|
|
What to do after penetration testing: source code analysis
SearchSoftwareQuality.com | 22 Aug 2007
TIP - You may think penetration testing is enough to make sure your Web applications are secure. But source code analysis tools can uncover vulnerabilities that aren't easily found using pen testing. Long skeptical about such... |
|
Manual vs. automated penetration testing
Expert: Brad Arkin | 01 Jun 2006
EXPERT RESPONSE - Manual penetration testing, automated pen testing or both? Application tools and technologies expert Brad Arkin helps you sort through your application security options. |
|
Penetration testing best practices
SearchSoftwareQuality.com | 14 Mar 2006
TIP - Penetration testing can help you find critical vulnerabilties in your Web applications. Here are some best practices for pen testing to achieve application security. |
|
| Black, white and gray box testing: 1 - 2 of 2 |
|
|
|
|
How to learn white box testing
Expert: Mike Kelly | 07 Aug 2008
EXPERT RESPONSE - Learning white box testing, also known as clear box or glass box testing, can be accomplished by following a series of steps. Testing expert Mike Kelly explains how to approach this learning process. |
|
| Ajax security: 1 - 3 of 3 |
|
|
|
|
Ajax security -- Is anyone listening?
SearchSoftwareQuality.com | 18 Jul 2008
TIP - Concerned about Ajax security? Security expert Kevin Beaver says that if developers and security professionals learn the basics of Ajax, lock it down within reason, and consistently test for the obvious holes, then... |
|
Testing for security in the age of Ajax programming
SearchSoftwareQuality.com | 05 Oct 2006
TIP - Ajax applications require an innovative approach to security testing. Bryan Sullivan offers programmers and QA testers tips on eliminating vulnerabilities in Ajax applications. |
|
How to safely deploy Ajax applications
Expert: Caleb Sima | 29 Jun 2006
EXPERT RESPONSE - Ajax applications are popping up all over the Web, but many people are uncertain how to secure Ajax on their sites. Because of Ajax's unique capabilities, some extra precautions are required. Expert Caleb Sima clears up... |
|
| Web services security: 1 - 3 of 4 |
|
|
|
|
Web security: Web services an overlooked entry point for attacks
SearchSoftwareQuality.com | 21 Aug 2008
TIP - Web services are not only the backbone of application interaction, but they can also be the Achille's heel of Web security. Kevin Beaver explains their vulnerabilities and suggests tools to test for security problems. |
|
Why are Web services more vulnerable than Web apps?
Expert: Rami Jaamour | 22 Feb 2006
EXPERT RESPONSE - Web application security should be adapted to fit the unique needs to Web services. Expert Rami Jaamour explains how Web services security differs from traditional application security. |
|
|
|
|
