Software security testing and techniques

MUST READ What to look for in a Web application security testing tool TIP - If you do a lot of Web application security scanning, any testing tool you use must have these features, says security expert Kevin Beaver. I don't want a Web application security product; I want a solution TIP - The number of Web application security products available can make your head spin. A better option is a total solution that handles all of your Web application security needs. Creating a secure login page with Java EXPERT ANSWER - How do I create a secure login page using Java? How to create a secure login page using ASP.NET EXPERT ANSWER - What security precautions should we take when creating a login page?

EXPERT TECHNICAL ADVICE: 1 - 3 of 90

SOFTWARE SECURITY TESTING AND TECHNIQUES EXPERTS
			Chris Wysopal co-founder and chief technology officer ASK A QUESTION		Caleb Sima co-founder, chief technology officer, director of SPI Labs ASK A QUESTION

	Getting started with Web application misuse cases Submitted By: SearchSoftwareQuality.com | 17 Apr 2008 TIP - When developing applications it isn't enough to think about how they will be used. You must also consider how they will be misused -- or abused -- so that you can prevent attacks.

	Web application security testing basics Submitted By: SearchSoftwareQuality.com | 17 Apr 2008 PODCAST - Static and dynamic analysis -- manual or automated -- can help uncover Web app security flaws. Learn how to use the techniques to make sure your applications aren't open to attack.

	Testing custom applications in a manufacturing context 21 Jan 2008 EXPERT ANSWER - When testing custom applications, how do you divide testing responsibilities among departments? Experts Mike Kelly and Tate Stuntz explain how.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SOFTWARE SECURITY TESTING AND TECHNIQUES

REFERENCE & LEARNING: 1 - 3 of 13

	Better software through debugging and unit testing -- Debugging for security SearchSoftwareQuality.com | 02 Nov 2007 LEARNING GUIDE - Application security is, unfortunately, still an afterthought in the SDLC. Debugging, however, presents a perfect opportunity to root out security holes.

	Web application testing techniques 04 Apr 2007 FEATURED TOPIC - Web applications have their own quality and security issues that software developers and testers need to be aware of. Testing can help you find those bugs and vulnerabilities.

	Stop SQL injection attacks on applications 07 Feb 2006 FEATURED TOPIC - SQL injection attacks have been known to take down many Web sites and applications. What can you do to protect against these attacks? Learn more in these articles and tips.

	VIEW ALL REFERENCE & LEARNING ON SOFTWARE SECURITY TESTING AND TECHNIQUES

NEWS: 1 - 3 of 102

	OWASP kicks off Summer of Code 2008 SearchSoftwareQuality.com | 12 Mar 2008 ARTICLE - Participants in the Open Web Application Security Project (OWASP) Summer of Code program receive money for working on OWASP and Web application security projects.

	Ajax security concerns you need to be aware of SearchSoftwareQuality.com | 16 Jan 2008 ARTICLE - As developers implement Ajax and Web 2.0 applications, they need to understand security issues such as cross-site scripting, cross-site request forgery and JavaScript hijacking.

	Microsoft's Michael Howard: Security must be a part of every application SearchSoftwareQuality.com | 28 Nov 2007 INTERVIEW - Security needs to become a way of life in application development, Microsoft's Michael Howard says. Use tools and educate people to make sure your applications aren't weak links.

	VIEW ALL NEWS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

DOWNLOADS: 1 - 3 of 6

	Video: Classification, detection of application backdoor attacks Published by: SearchSoftwareQuality.com | 04 Mar 2008 VIDEOS - Veracode's Chris Wysopal explains static detection methods for finding the four major types of backdoor attacks.

	Black, gray and white box testing explained -- Podcast Published by: SearchSoftwareQuality.com | 23 Mar 2007 PODCAST - Security is critical when operating a Web application. Black, gray and white box tests are three tests you can conduct to ensure an attacker can't get to your application.

	How source code analysis improves application security Published by: SearchSoftwareQuality.com | 27 Feb 2007 PODCAST - Many application vulnerabilities can be discovered and resolved through source code analysis. Learn how in this podcast with Denim Group's Dan Cornell.

	VIEW ALL DOWNLOADS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

BEST WEB LINKS: 1 - 3 of 98

	Microsoft Test Center Microsoft Developer Network | 18 Jan 2008 BEST WEB LINK - Tester Center is a community where software testers can share knowledge and learn from each other about testing, their day-to-day job functions, processes, the tools they use, and the various roles they play. You'll find ...

	Ajax: From a tester's point of view StickyMinds.com | 30 Jun 2007 BEST WEB LINK - This paper presents an overview of Ajax, what a black box tester should know before he leaps into Ajax testing, and the security risks that Ajax applications open up.

	Unit testing security example hacked | 21 Sep 2007 BEST WEB LINK - This is a simple little demonstration of how to write unit tests to test out a specific role-based permission issue using NUnit/MbUnit and Rhino Mocks.

	VIEW ALL BEST WEB LINKS ON SOFTWARE SECURITY TESTING AND TECHNIQUES

SEE ALSO - Topics Related to Software security testing and techniques:  Software testing and quality assurance (QA) fundamentals, Software testing models and approaches (Context-driven, Factory, Analytic, Quality, IV&V), Software testing tools and frameworks, Software test design, Functional software testing, User acceptance testing, Software regression testing, Automated software testing, Software integration testing, Software performance, load and stress testing, Software unit testing, Usability testing, Software security testing tools