Building security into the SDLC (software development life cycle)
- January 11, 2007
A new WhiteHat Security report identifies and ranks Web application security vulnerabilities of custom Web applications. The most prevalent vulnerability: cross-site scripting.
- December 11, 2006
Two low-cost/no-cost products from Cenzic help small to midsize companies protect against the most common Web application attacks.
- December 07, 2006
Web application threats increased significantly in 2006, and they aren't expected to let up. SPI Dynamics identifies which Web application trends will be security concerns in 2007.
- November 16, 2006
The SDLC (software development life cycle) must be revamped to accommodate application security. Find out how to incorporate security into the SDLC with techniques from Ryan Berg.
- November 09, 2006
Application security is strengthened by new programs from Aspect Security, Accenture and Symantec that stress repeatable processes performed throughout the SDLC.
- October 31, 2006
SQL injection is recognized as a major threat to application security, but what about other injection attacks? SPI Dynamics' Caleb Sima dissects these exploits and offers straightforward prevention techniques in this podcast.
- October 25, 2006
Agile software development should include security measures. Dan Cornell describes how to introduce application security into your agile software development life cycle (SDLC).
- October 23, 2006
Windows Vista is expected to be the most secure Microsoft product released, thanks to the company's implementation of the Security Development Lifecycle (SDL).
- October 19, 2006
If there's one thing developers should do to increase Web application security, it's input validation, according to Caleb Sima, founder and CTO of SPI Dynamics. In this interview, he discusses the most dangerous threats to Web applications, such ...
- October 12, 2006
As banks struggle to secure online transactions with two-factor authentication, the United Bankers' Bank has chosen a fingerprint biometric system and has seen excellent results.
- October 10, 2006
A new suite of security products from Layer 7 aims to protect SOA, Ajax and Web 2.0.
- September 25, 2006
A recent survey by Symantec finds more software developers consider application security a priority, but formal education and implementation of secure development practices still trail.
- September 08, 2006
American Express, Discover, JCB, MasterCard and Visa have created an independent PCI standards council. Their first act was to release version 1.1 of the PCI Data Security Standard, which clarifies existing requirements and adds a new one for...
- August 30, 2006
Application logic attacks are common, dangerous and difficult to detect. In this interview, expert Rami Jaamour defines and analyzes logic attacks and provides in-depth security advice. As these threats become more popular, it is imperative to ...
- August 10, 2006
A security vulnerability has forced the creators of Ruby on Rails to issue an immediate upgrade. Version 1.1.5, which is being called a mandatory upgrade, is available now.