Software Security Test Best Practices
- April 18, 2007
What's the best way to protect your software? Act like an attacker. Herbert H. Thompson, PhD., chief security strategist at People Security, outlines how to attack (test) software yourself.
- April 09, 2007
Security is critical when operating a Web application. Black, gray and white box tests are three tests you can conduct to ensure an attacker can't get to your application. In this podcast, Jennette Mullaney refers to information from Dan Cornell, ...
- April 03, 2007
Cenzic is offering up to $20,000 credit to switch to a Cenzic product from a competing application security product from SPI Dynamics, Watchfire or WhiteHat.
- March 19, 2007
Parasoft today released Parasoft WebKing 6.0, an automated Web testing suite that provides comprehensive testing and analysis of complex Ajax and rich Internet applications (RIA).
- March 19, 2007
Fortify Software has extended the use of its Fortify Defender intrusion detection tool to work with Web applications written in .NET.
- March 06, 2007
New application vulnerabilities are disclosed daily. Many of them, however, can be discovered and resolved through source code analysis. Learn how in this podcast with Denim Group's Dan Cornell.
- March 05, 2007
Although Java has been found to be more secure than other languages, a report from Fortify Software's Java Open Review Project warns that developers may inadvertently introduce vulnerabilities into their own code by using the sample code and ...
- February 05, 2007
Ounce Labs has added report generation to its source code analysis solution. The reports measure the compliance with security best practices and regulatory requirements.
- January 30, 2007
Software developers and testers who use Borland's Gauntlet will now have Cenzic's Hailstorm application security testing tool available to them.
- January 29, 2007
Klocwork introduces Developer for Java, an Eclipse/Rational plug-in that enables developers to analyze code for security vulnerabilities and defects.
- January 18, 2007
Fortify Software's acquisition of Secure Software increases its source code analysis offerings and expands its presence into the requirements and design phases of the SDLC.
- January 11, 2007
A new WhiteHat Security report identifies and ranks Web application security vulnerabilities of custom Web applications. The most prevalent vulnerability -- cross-site scripting.
- December 11, 2006
Two low-cost/no-cost products from Cenzic help small to midsize companies protect against the most common Web application attacks.
- December 07, 2006
Web application threats increased significantly in 2006, and they aren't expected to let up. SPI Dynamics identifies which Web application trends will be security concerns in 2007.
- November 30, 2006
Ajax security can be achieved by following the proper guidelines. In this podcast, expert Caleb Sima explains why Ajax is not inherently insecure, which tools work and which don't, and how to safely deploy Ajax.