Software Security Test Best Practices

  • June 23, 2006

    Demystifying Java security -- Part 2

    Java application security is further explored in the second part of Ramesh Nagappan's Java security series. Part 2 concentrates on Java Web Start security, Java Extensible Security Architecture and APIs.

  • June 23, 2006

    More attacks against Web-based applications expected

    The recent attacks against Yahoo and Google are only the beginning, experts say, as malware authors seek out vulnerable Web applications that are often hard to secure.

  • June 15, 2006

    Cenzic program takes aim at Web site security

    As part of its "No Website Left Behind" initiative, Cenzic offers complimentary application security assessment to help companies ensure Web application security.

  • June 14, 2006

    What's in your security toolbox?

    Joe Stagner, Microsoft technical evangelist and developer community champion, shared with Software Security Summit attendees tools he's found that help secure applications.

  • June 09, 2006

    Ounce Labs reaches out to developers with new analysis tool

    Ounce 4.0 source code vulnerability analysis tool provides free plug-ins for Microsoft Visual Studio 2005 and Eclipse, allowing developers to scan code for vulnerabilities.

  • June 06, 2006

    Are white hat hackers an endangered species?

    The recent prosecution of so-called white hat hackers is fueling a debate over the future of security researchers and acceptable ethics in cyberspace.

  • May 29, 2006

    Burton: Web services security standards promising

    A Burton analyst says the WS-* security stack is on track, but organizations still need to think through security policies and implement a layered security strategy.

  • May 23, 2006

    IBM rechristens DataPower SOA appliances

    WebSphere DataPower SOA Appliances debut with security enhancements developed during the six months since IBM acquired the XML processing hardware startup.

  • May 18, 2006

    New SAP business unit to focus on compliance

    SAP is creating a new business unit to wrap its compliance products with software from its recent acquisition of compliance software vendor, Virsa Systems Inc.

  • May 17, 2006

    Brief: Denim Group releases open-source security scanner for Ajax

    Denim Group has released Sprajax, an open-source Web application security scanner developed to assess the security of Ajax-enabled Web applications.

  • May 09, 2006

    Best practices for building software security into the SDLC

    Software security doesn't require completely changing your software development life cycle. Application security expert Gary McGraw, author of Software Security: Building Security In, talks about software security best practices that can be easily ...

  • May 01, 2006

    SOA's orphan standard WS-Policy finds a home at W3C

    The W3C accepts the Web services specification WS-Policy for standards consideration, bringing a key component for SOA into the public domain.

  • May 01, 2006

    Application security defense in depth: Strategies to lock down your Web apps

    Web applications need a layered approach to tackling security. Most organizations have deployed this at the infrastructure level, but now experts say it's time to apply that approach to application security as well.

  • May 01, 2006

    Top U.S. universities failing in online privacy

    With the University of Texas the latest to admit it's been hacked, a new national survey shows the nation's top schools aren't making the grade when it comes to online privacy.

  • April 26, 2006

    Web services pen testing tool released

    NeuroFuzz has released WSFuzzer Version 1.5, a pen testing tool that audits HTTP-based SOAP targets.