Evaluate

Software Security Testing Tools

• ThreadFix: Open source defect management tool speeds security vulnerability fixes

  Security and development teams can share a common defect management tool with ThreadFix, Denim Group's new open source security tool. Continue Reading

• Security tools and application lifecycle management

  Security and security tools have become more necessary to the application lifecycle, according to recent research. In this response, expert John Overbaugh discusses why security tools are essential to ALM and explains how he sees security activities... Continue Reading

• Application security: Testing for insecure file references

  Insecure file references are considered a significant security risk of Web applications. In this tip, security expert John Overbaugh explains this attack and gives instructions on how you can test for and detect this vulnerability. Continue Reading

• What does "security testing" of my application actually mean?

  What does a manager mean by "security testing"? In this response, expert Pete Walen offers insights into the broad category of application security testing and also recommends asking for clarification about the needs for your specific project. Continue Reading

• When are security testing tools classified as ALM tools?

  Application security testing tools can sometimes be considered part of the ALM tool set, and sometimes they fall under the category of the security management process. Read this expert response to learn how Mike Jones distinguishes different ... Continue Reading

• How to best security test your applications: Collaboration and outsourcing

  Security testing is an important factor in the application development process, and fortunately there are specialists who work to ensure that applications are as secure as possible. However, it can be difficult to know when it is necessary to ...Continue Reading

• Application security: Protecting application availability, data confidentiality and integrity

  Network security and application security are both important in keeping your applications safe from hackers. In this tip, security engineer John Overbaugh focuses on application security, which is needed to protect the confidentiality, availability ...Continue Reading

• Security requirements for any Web application

  When verifying security on your Web application, there are some general considerations that everyone should check off the list. Expert John Overbaugh offers insight into application security standards and steps your team can take while developing ...Continue Reading

• Application security hardening for mobile and embedded software

  With the increasing number of mobile devices and application downloads by consumers, application security is becoming more important than ever. In this tip, application hardening tools and the use of obfuscation is discussed. Industry analysts talk ...Continue Reading

• Security lesson: Beating web application security threats

  Explore the importance of Web application testing processes and find suggestions on best practices with a webcast on scanning and testing Web application security, a podcast on security testing and a tip on Web application best practices in this ...Continue Reading

• Tools that generate test cases from software requirements

  In this expert response, requirements expert Robin Goldsmith gives examples of a variety of tools, including tools based on use cases, state analysis tools, and all pairs tools, which generate test cases from software requirements. He also explains ...Continue Reading

• Security ALM: Testing throughout the software application lifecycle

  One of the most important aspects of software development today is writing secure software. Yet, for most IT organizations, security testing is introduced too late in the cycle to be of any help. Security expert John Overbaugh shares his experiences...Continue Reading

• Beefing up SSL to ensure your applications are locked down

  Even though SSL is an aged technology, most Web-related fears should lie elsewhere, says an expert. This tip explores where the real compromises are in Web security whether it is compliance issues, older SSL versions, cookies or weak encryption ...Continue Reading

• Security best practices for today's Web applications

  Web 2.0 and Rich Internet applications, though great functionality-wise. can place many complications in the way of Web security. In this tip, a Web security expert explains where problems can occur and what free tools are available to avoid issues.Continue Reading

• What to look for in future renditions of Web 2.0 application security

  This is an software expert's perspective on future Web 2.0 applications, security issues and expected problems. Prepare for future application difficulties by mastering solutions current ones says application security veteran Kevin BeaverContinue Reading