
Building security into the SDLC (Software development life cycle)


News, tips and advice on how to build security into the software development life cycle so development teams can produce secure, quality software.
IN THIS TOPIC:  NEWS (69) , EXPERT TECHNICAL ADVICE (115) , REFERENCE & LEARNING (20) , DOWNLOADS (2) , BEST WEB LINKS (112)

  NEWS: 1 - 3 of 69
Application security enters uncharted regions
SearchSoftwareQuality.com | 27 Mar 2008
OPINION - The revelation that pacemakers can be hacked illustrates how software makers have to start thinking differently about application security and quality.
Developers get bigger role in software quality, security
SearchSoftwareQuality.com | 28 Jan 2008
ARTICLE - In the continuing drive to address quality and security early in the SDLC, two thought leaders in the automated source code analysis market are targeting products at the developer.
Microsoft's Michael Howard: Security must be a part of every application
SearchSoftwareQuality.com | 28 Nov 2007
INTERVIEW - Security needs to become a way of life in application development, Microsoft's Michael Howard says. Use tools and educate people to make sure your applications aren't weak links.

  EXPERT TECHNICAL ADVICE: 1 - 3 of 115
BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE) EXPERTS
Ramesh Nagappan
Java Technology Architect, Sun Microsystems
Chris Wysopal
co-founder and chief technology officer
How to prevent XPath injection
Submitted By: SearchSoftwareQuality.com | 11 Feb 2008
TIP - Parameterization and input validation are invaluable to application security. Which method is best for preventing XPath injection attacks? Expert Chris Eng explains.
InfoSecurity 2008 Threat Analysis, Chapter 4: XSS Theory
Submitted By: SearchSoftwareQuality.com | 07 Jan 2008
TIP - Application security threats are becoming more complex than ever before. This free chapter explains how cross-site scripting (XSS) works.
How to prevent anti-DNS pinning attacks
19 Dec 2007
EXPERT ANSWER - Application security measures can prevent anti-DNS pinning, aka DNS rebinding. Expert Chris Wysopal explains how to protect end users from this attack.

  REFERENCE & LEARNING: 1 - 3 of 20
The importance of integrating security into the SDLC
24 Jul 2006
FEATURED TOPIC - Including security in the software development life cycle is crucial to application security. Learn why it's so important and how you can do it in these articles and tips.
Stop SQL injection attacks on applications
07 Feb 2006
FEATURED TOPIC - SQL injection attacks have been known to take down many Web sites and applications. What can you do to protect against these attacks? Learn more in these articles and tips.
How to counter XSS attacks
16 Jan 2006
FEATURED TOPIC - If your Web application fails to validate user input, it could be vulnerable to cross-site exploits. Determine if your application is vulnerable and how to prevent XSS attacks.

  DOWNLOADS: 1 - 2 of 2
Injection attacks -- Knowledge and prevention
Published by: SearchAppSecurity.com | 31 Oct 2006
PODCASTS - SQL injection is a major threat to application security, but what of other injection attacks? Caleb Sima dissects these exploits and offers astute prevention tips in this podcast.
The CLASP Application Security Process
Published by: Secure Software Inc. | 27 Jun 2006
DOWNLOAD - CLASP™ -- Comprehensive, Lightweight Application Security Process -- is a recognized best practices methodology that provides a well-organized and structured approach for integrating security requirements and ...

  BEST WEB LINKS: 1 - 3 of 112
A guide to cryptography in PHP
DevX.com | 02 May 2008
BEST WEB LINK - Developers who are looking to build application security measures into their code should check out this informative how-to piece on encryption in PHP. Various available cryptography packages are discussed.
Inconvenient lack of truth
Dark Reading | 08 Apr 2008
BEST WEB LINK - A serious attitude shift is needed if security professionals want to be able to beat the bad guys. If the security people shared information like the bad guys do, Rich Mogull argues, then there would be fewer and less ...
The importance of Web application firewall technology for protecting Web-based resources
Help Net Security | 12 Mar 2008
BEST WEB LINK - The authors discuss why dedicated Web application firewall technology is necessary to protect Web-facing resources.

SEE ALSO - Topics Related to Building security into the SDLC (Software development life cycle): 
Software requirements techniques (Prototyping, Storyboards, Modeling, State transitions), Threat modeling, Use cases and misuse cases, Software requirements tools, Software Requirements Documentation


All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy