Software security testing and techniques

MUST READ Web application security -- How to prevent attacks ALL-IN-ONE GUIDES - The battle against hackers is a difficult one. This guide introduces you to popular Web application attacks and provides tips, techniques and advice for keeping the bad guys out. Web application security testing checklist TIP - Testing your Web application security is something that needs be taken seriously. The best way to be successful is to prepare in advance and know what to look for. Creating a secure login page with Java EXPERT ANSWER - How do I create a secure login page using Java? I don't want a Web application security product; I want a solution TIP - The number of Web application security products available can make your head spin. A better option is a total solution that handles all of your Web application security needs. How to create a secure login page using ASP.NET EXPERT ANSWER - What security precautions should we take when creating a login page?

EXPERT TECHNICAL ADVICE: 1 - 3 of 119

SOFTWARE SECURITY TESTING AND TECHNIQUES EXPERTS
			Caleb Sima chief technologist for the HP Application Security Center ASK A QUESTION		Chris Wysopal co-founder and chief technology officer, Veracode ASK A QUESTION

	Spotting rich Internet application security flaws with WebGoat 07 Jul 2009 TIP - Learn how Web 2.0. and rich internet application security flaws missed by automated tools can be spotted with webgoat and similar free tools.

	Fixing four Web 2.0 input validation security mistakes 19 Jun 2009 TIP - Web app security expert Kevin Beaver uncovers common and uncommon Web application input validation problems and discusses solutions.

	Commonly-overlooked security flaws in rich Internet applications 22 Jun 2009 TIP - No matter how much security testing, scanning, and hacking you do, odds are you won't uncover every weakness. Rich Internet applications are just too complicated.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SOFTWARE SECURITY TESTING AND TECHNIQUES

REFERENCE & LEARNING: 1 - 3 of 19

	Software security: Removing insecurity from outsourced development SearchSoftwareQuality.com | 31 Mar 2009 PODCAST - In this podcast, software security expert Jack Danahy describes when and when not to outsource application development and why.

	Web application security -- How to prevent attacks 20 Aug 2008 ALL-IN-ONE GUIDES - The battle against hackers is a difficult one. This guide introduces you to popular Web application attacks and provides tips, techniques and advice for keeping the bad guys out.

	PCI DSS compliance: The basics SearchSoftwareQuality.com | 03 Jul 2008 LEARNING GUIDE - PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6.

	VIEW ALL REFERENCE & LEARNING ON SOFTWARE SECURITY TESTING AND TECHNIQUES

NEWS: 1 - 3 of 117

	Software security best practices: Roles developers must play SearchSoftwareQuality.com | 04.15.2009 OPINION - Security expert Kevin Beaver offers advice on developers' growing role in ensuring software security, discussing tasks such as handling compliance, protecting login mechanisms, guarding against SSL, integrating with ...

	Why the quality assurance department should be involved in testing SearchSoftwareQuality.com | 03.09.2009 OPINION - Bring the quality assurance department's many resources into the software testing process from the get-go, one expert advises, and watch common software development problems dissolve.

	Do security certifications really matter? Yes, really SearchSoftwareQuality.com | 02.03.2009 OPINION - Jim Molini debunks some of the widespread myths about security certifications such as CISSP and CSSLP.

	VIEW ALL NEWS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

DOWNLOADS: 1 - 3 of 6

	Video: Classification, detection of application backdoor attacks Published by: SearchSoftwareQuality.com | 04 Mar 2008 VIDEOS - Veracode's Chris Wysopal explains static detection methods for finding the four major types of backdoor attacks.

	Black, gray and white box testing explained -- Podcast Published by: SearchSoftwareQuality.com | 23 Mar 2007 PODCAST - Security is critical when operating a Web application. Black, gray and white box tests are three tests you can conduct to ensure an attacker can't get to your application.

	How source code analysis improves application security Published by: SearchSoftwareQuality.com | 27 Feb 2007 PODCAST - Many application vulnerabilities can be discovered and resolved through source code analysis. Learn how in this podcast with Denim Group's Dan Cornell.

	VIEW ALL DOWNLOADS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

BEST WEB LINKS: 1 - 1 of 1

	White Papers: How to protect against SQL injection and other application attacks SearchAppSecurity.com | 07 Feb 2006 RESOURCE GUIDE - Fortunately, there are steps you can take now to prevent SQL injection and other attacks on your applications.

	VIEW ALL BEST WEB LINKS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

SEE ALSO - Topics Related to Software security testing and techniques:  Software testing and quality assurance (QA) fundamentals, Software testing models and approaches (Context-driven, Factory, Analytic, Quality, IV&V), Software testing tools and frameworks, Software test design, Functional software testing, User acceptance testing, Software regression testing, Automated software testing, Software integration testing, Software performance, load and stress testing, Software unit testing, Usability testing, Software security testing tools