Building security into the SDLC (Software development life cycle)

  • Application security testing: Protecting your application and data

    Application security testing is critical in ensuring your data and applications are safe from security attack. This e-book, written for IT management, including QA and development managers, explains the basics of application security and then delves ... 

  • virtual patching

    Virtual patching is the quick development and short-term implementation of a security policy meant to prevent an exploit from occurring as a result of a newly discovered vulnerability. A virtual patch is sometimes called a Web application firewall (W... 

  • application security

    Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Once an afterthought in software design, security is becoming an increasingly important concern during development as applica... 

  • SQL injection

    SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data. 

  • WS-SecureConversation (Web Services Secure Conversation Language)

    WS-SecureConversation, also called Web Services Secure Conversation Language, is a specification that provides secure communication between Web services using session keys. WS-SecureConversation, released in 2005, is an extension of WS-Security and W... 

  • bug

    In computer technology, a bug is a coding error in a computer program. 

  • cross-site request forgery (XSRF or CSRF)

    Cross-site request forgery (XSRF or CSRF) is a method of attacking a Web site in which an intruder masquerades as a legitimate and trusted user... (Continued) 

  • application firewall

    An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer... (Continued) 

  • authorization

    Authorization is the process of giving someone permission to do or have something. 

  • access control list (ACL)

    An access control list (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object, such as a file directory or individual file. 

  • Injection attacks -- Knowledge and prevention

    SQL injection is recognized as a major threat to application security, but what about other injection attacks? SPI Dynamics' Caleb Sima dissects these exploits and offers straightforward prevention techniques in this podcast. 

About Building security into the SDLC (Software development life cycle)

News, tips and advice on how to build security into the software development life cycle so development teams can produce secure, quality software.