Building security into the SDLC (software development life cycle)

  • January 11, 2007

    Web application security vulnerabilities by the numbers

    A new WhiteHat Security report identifies and ranks Web application security vulnerabilities of custom Web applications. The most prevalent vulnerability is cross-site scripting.

  • December 11, 2006

    Web application security for small businesses

    Two low-cost/no-cost products from Cenzic help small to midsize companies protect against the most common Web application attacks.

  • December 07, 2006

    Top Web application security threats for 2007

    Web application threats increased significantly in 2006, and they aren't expected to let up. SPI Dynamics identifies which Web application trends will be security concerns in 2007.

  • November 16, 2006

    SDLC lacks application security practices

    The SDLC (software development life cycle) must be revamped to accommodate application security. Find out how to incorporate security into the SDLC with techniques from Ryan Berg.

  • November 09, 2006

    Application security bolstered by new services

    Application security is strengthened by new programs from Aspect Security, Accenture and Symantec that stress repeatable processes performed throughout the SDLC.

  • October 31, 2006

    Injection attacks -- Knowledge and prevention

    SQL injection is recognized as a major threat to application security, but what about other injection attacks? SPI Dynamics' Caleb Sima dissects these exploits and offers straightforward prevention techniques in this podcast.

  • October 25, 2006

    Secure agile software development an oxymoron?

    Agile software development should include security measures. Dan Cornell describes how to introduce application security into your agile software development life cycle (SDLC).

  • October 23, 2006

    Microsoft takes Vista security to a new level using SDL

    Windows Vista is expected to be the most secure Microsoft product released thanks to the company's implementation of the Security Development Lifecycle (SDL).

  • October 19, 2006

    One simple rule to make your Web apps more secure

    If there's one thing developers should do to increase Web application security, it's input validation, according to Caleb Sima, founder and CTO of SPI Dynamics. In this interview, he discusses the most dangerous threats to Web applications, such ...

  • October 12, 2006

    Biometric authentication a choice for banks

    As banks struggle to secure online transactions with two-factor authentication, the United Bankers' Bank has chosen a fingerprint biometric system and has seen excellent results.

  • October 10, 2006

    Web services security enhanced by new technologies

    A new suite of security products from Layer 7 aims to protect SOA, Ajax and Web 2.0.

  • September 25, 2006

    Application security more of a priority, but practices still lag

    A recent survey by Symantec finds more software developers consider application security a priority, but formal education and implementation of secure development practices still trail.

  • September 08, 2006

    PCI council formed; revised standard includes app security requirement

    American Express, Discover, JCB, MasterCard and Visa have created an independent PCI standards council. Their first act was to release version 1.1 of the PCI Data Security Standard, which clarifies existing requirements as well as adds a new one for...

  • August 30, 2006

    Prevent application logic attacks with sound app security practices

    Application logic attacks are common, dangerous and difficult to detect. In this interview, expert Rami Jaamour defines and analyzes logic attacks and provides in-depth security advice. As these threats become more popular, it is imperative to ...

  • August 10, 2006

    Ruby on Rails experiences serious security breach

    A security vulnerability has forced the creators of Ruby on Rails to issue an immediate upgrade. Version 1.1.5, which is being called a mandatory upgrade, is available now.