Evaluate
Weigh the pros and cons of technologies, products and projects you are considering.
Software Security Testing Tools
ThreadFix: Open source defect management tool speeds security vulnerability fixes
Security and development teams can share a common defect management tool with ThreadFix, Denim Group's new open source security tool.
Security tools and application lifecycle management
Security and security tools have become more necessary to the application lifecycle, according to recent research. In this response, expert John Overbaugh discusses why security tools are essential to ALM and explains how he sees security activities...
Application security: Testing for insecure file references
Insecure file references are considered a significant security risk of Web applications. In this tip, security expert John Overbaugh explains this attack and gives instructions on how you can test for and detect this vulnerability.
What does "security testing" of my application actually mean?
What does a manager mean by "security testing"? In this response, expert Pete Walen offers insights into the broad category of application security testing and also recommends asking for clarification about the needs for your specific project.
When are security testing tools classified as ALM tools?
Application security testing tools can sometimes be considered part of the ALM tool set, and sometimes they fall under the category of the security management process. Read this expert response to learn how Mike Jones distinguishes different ...
How to best security test your applications: Collaboration and outsourcing
Security testing is an important factor in the application development process, and fortunately there are specialists who work to ensure that applications are as secure as possible. However, it can be difficult to know when it is necessary to ...
Application security: Protecting application availability, data confidentiality and integrity
Network security and application security are both important in keeping your applications safe from hackers. In this tip, security engineer John Overbaugh focuses on application security, which is needed to protect the confidentiality, availability ...
Security requirements for any Web application
When verifying security on your Web application, there are some general considerations that everyone should check off the list. Expert John Overbaugh offers insight into application security standards and steps your team can take while developing ...
Application security hardening for mobile and embedded software
With the increasing number of mobile devices and application downloads by consumers, application security is becoming more important than ever. In this tip, application hardening tools and the use of obfuscation are discussed. Industry analysts talk ...
Security lesson: Beating web application security threats
Explore the importance of Web application testing processes and find suggestions on best practices with a webcast on scanning and testing Web application security, a podcast on security testing and a tip on Web application best practices in this ...
Tools that generate test cases from software requirements
In this expert response, requirements expert Robin Goldsmith gives examples of a variety of tools, including tools based on use cases, state analysis tools, and all pairs tools, which generate test cases from software requirements. He also explains ...
Security ALM: Testing throughout the software application lifecycle
One of the most important aspects of software development today is writing secure software. Yet, for most IT organizations, security testing is introduced too late in the cycle to be of any help. Security expert John Overbaugh shares his experiences...
Beefing up SSL to ensure your applications are locked down
Even though SSL is an aged technology, most Web-related fears should lie elsewhere, says an expert. This tip explores where the real compromises are in Web security whether it is compliance issues, older SSL versions, cookies or weak encryption ...
Security best practices for today's Web applications
Web 2.0 and Rich Internet applications, though great functionality-wise, can place many complications in the way of Web security. In this tip, a Web security expert explains where problems can occur and what free tools are available to avoid issues.
What to look for in future renditions of Web 2.0 application security
This is a software expert's perspective on future Web 2.0 applications, security issues and expected problems. Prepare for future application difficulties by mastering solutions to current ones, says application security veteran Kevin Beaver.