Building security into the SDLC (Software development life cycle) news, help and research


	Home > Software Quality Topics > Software Requirements > Building security into the SDLC (Software development life cycle)

Software Quality Topics:

EMAIL THIS

TOPICS HOME

BROWSE ALL SOFTWARE QUALITY TOPICS

SOFTWARE QUALITY INFO CENTERS

RESOURCE CENTERS

RSS FEEDS


Building security into the SDLC (Software development life cycle) News, tips and advice on how to build security into the software development life cycle so development teams can produce secure, quality software.



IN THIS TOPIC:	NEWS (69) , EXPERT TECHNICAL ADVICE (115) , REFERENCE & LEARNING (20) , DOWNLOADS (2) , BEST WEB LINKS (112)


NEWS: 1 - 3 of 69


	Application security enters uncharted regions SearchSoftwareQuality.com \| 03.27.2008 OPINION - The revelation that pacemakers can be hacked illustrates how software makers have to start thinking differently about application security and quality.


	Developers get bigger role in software quality, security SearchSoftwareQuality.com \| 28 Jan 2008 ARTICLE - In the continuing drive to address quality and security early in the SDLC two thought leaders in the automated source code analysis market are targeting products at the developer.


	Microsoft's Michael Howard: Security must be a part of every application SearchSoftwareQuality.com \| 28 Nov 2007 INTERVIEW - Security needs to become a way of life in application development, Microsoft's Michael Howard says. Use tools and educate people to make sure your applications aren't weak links.


	VIEW ALL NEWS ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)


EXPERT TECHNICAL ADVICE: 1 - 3 of 115



BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE) EXPERTS



	Ramesh Nagappan Java Technology Architect, Sun Microsystems ASK A QUESTION	Chris Wysopal co-founder and chief technology officer ASK A QUESTION


	How to prevent XPath injection Submitted By: SearchSoftwareQuality.com \| 11 Feb 2008 TIP - Parameterization and input validation are invaluable to application security. Which method is best for preventing XPath injection attacks? Expert Chris Eng explains.


	InfoSecurity 2008 Threat Analysis, Chapter 4: XSS Theory Submitted By: SearchSoftwareQuality.com \| 07 Jan 2008 TIP - Application security threats are becoming more complex than ever before. This free chapter explains how cross-site scripting (XSS) works.


	How to prevent anti-DNS pinning attacks 19 Dec 2007 EXPERT ANSWER - Application security measures can prevent anti-DNS pinning, aka DNS rebinding. Expert Chris Wysopal explains how to protect end users from this attack.


	VIEW ALL EXPERT TECHNICAL ADVICE ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)


REFERENCE & LEARNING: 1 - 3 of 20


	The importance of integrating security into the SDLC 24 Jul 2006 FEATURED TOPIC - Including security in the software development life cycle is crucial to application security. Learn why it's so important and how you can do it in these articles and tips.


	Stop SQL injection attacks on applications 07 Feb 2006 FEATURED TOPIC - SQL injection attacks have been known to take down many Web sites and applications. What can you do to protect against these attacks? Learn more in these articles and tips.


	How to counter XSS attacks 16 Jan 2006 FEATURED TOPIC - If your Web application fails to validate user input, it could be vulnerable to cross-site exploits. Determine if your application is vulnerable and how to prevent XSS attacks.


	VIEW ALL REFERENCE & LEARNING ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)


DOWNLOADS: 1 - 2 of 2


	Injection attacks -- Knowledge and prevention Published by: SearchAppSecurity.com \| 31 Oct 2006 PODCASTS - SQL injection is a major threat to application security, but what of other injection attacks? Caleb Sima dissects these exploits and offers astute prevention tips in this podcast.


	The CLASP Application Security Process Published by: Secure Software Inc. \| 27 Jun 2006 DOWNLOAD - CLASP™ -- Comprehensive, Lightweight Application Security Process -- is a recognized best practices methodology that provides a well-organized and structured approach for integrating security requirements and ...


	VIEW ALL DOWNLOADS ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)


BEST WEB LINKS: 1 - 3 of 112


	A guide to cryptography in PHP DevX.com \| 02 May 2008 BEST WEB LINK - Developers who are looking to build application security measures into their code should check out this informative how-to piece on encryption in PHP. Various available cryptography packages are discussed.


	Inconvenient lack of truth Dark Reading \| 08 Apr 2008 BEST WEB LINK - A serious attitude shift is needed if security professionals want to be able to beat the bad guys. If the security people shared information like the bad guys do, Rich Mogull argues, then there would be fewer and less ...


	The importance of Web application firewall technology for protecting Web-based resources Help Net Security \| 12 Mar 2008 BEST WEB LINK - The authors discuss why dedicated Web application firewall technology is necessary to protect Web-facing resources.


	VIEW ALL BEST WEB LINKS ON BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE)

SEE ALSO - Topics Related to Building security into the SDLC (Software development life cycle):
Software requirements techniques (Prototyping, Storyboards, Modeling, State transitions), Threat modeling, Use cases and misuse cases, Software requirements tools, Software Requirements Documentation

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2006 - 2008, TechTarget \| Read our Privacy Policy