Software Security Test Best Practices
- August 30, 2006
Application logic attacks are common, dangerous and difficult to detect. In this interview, expert Rami Jaamour defines and analyzes logic attacks and provides in-depth security advice. As these threats become more popular, it is imperative to ...
- August 29, 2006
Foundstone's Hacme Casino shows some of the threats online gaming applications face and helps developers see how these issues may be present in their own code.
- August 15, 2006
The combination of Fortify's source code analyzer with Watchfire's Web application vulnerability scanner provides a more complete assessment of application vulnerabilities. By correlating the results, developers can be taken to the actual line of ...
- August 14, 2006
Loan sale advisor taps Cenzic's ClickToSecure vulnerability assessment services to test applications on its online marketplace. Investment helps give company edge over competitors -- and keeps attackers at bay.
- August 10, 2006
A security vulnerability has forced the creators of Ruby on Rails to issue an immediate upgrade. Version 1.1.5, which is being called a mandatory upgrade, is available now.
- August 08, 2006
Ajax makes smooth Web applications like Google Maps possible, but the rush to adopt the technology may lead to haphazard development and exploitation by hackers.
- August 02, 2006
Metasploit Project founder H.D. Moore has released the first full beta of version 3.0 of the Metasploit Framework, his penetration testing software.
- July 31, 2006
Fortify Software has classified 115 software security vulnerabilities into seven top-level issues and given the research to OWASP to aid with its Honeycomb Project. The goal is to help programmers understand common coding mistakes and to give back ...
- July 28, 2006
Automated security updates, a Team Integration System, improved reporting capabilities and additional vulnerability rules are among the new features in DevPartner SecurityChecker 2.5.
- July 18, 2006
Web services security is under attack. Compliance with standards such as PCI, the use of sophisticated security technologies and new, targeted tools from Watchfire should mitigate these threats.
- July 11, 2006
Ajax security is increasingly important as attackers have set their sights on Ajax apps. Andrew van der Stock explained what risks developers need to be aware of in July 10, 2006 10 Jul'06
Thomson Learning's chief SOA architect makes sure rogue services get stamped out before they get near the production environment.
- July 06, 2006
Web application security in Ajax is becoming an issue. Andrew van der Stock, who is heading the OWASP Guide project, spoke with SearchSoftwareQuality.com about Ajax security and what risks developers need to be concerned about.
- June 30, 2006
Klocwork's K7.1 static analysis tool features 44 new vulnerability checkers across Java, C, and C++, as well as features ARM Compiler and Java 1.5 support.
- June 27, 2006
The Web application security market is maturing, and more companies are looking for tools to help them better secure their software. SPI Dynamics responded to that need this week with the announcement of two new products -- WebInspect 6.0 and ...