Software Security Test Best Practices
- April 26, 2006
The much anticipated WS-Policy standard will provide a loosely coupled framework for adding governance and security to SOA deployments.
- April 24, 2006
An intense interest from legislators and little corporate opposition suggest that Congress will pass a data breach bill this year that may supersede more than 20 state laws.
- April 20, 2006
Recognizing that Web applications are "the next big thing" for hackers, Boston College's security group adopted Cenzic's Hailstorm for automated application security assessment.
- April 11, 2006
AppScan OnDemand services are designed to lower TCO and help organizations keep up with testing frequently changing Web applications.
- April 06, 2006
Parasoft Corp. recently released Parasoft C++test 6.7, an automated unit testing and code analysis tool suite designed to help software engineers prevent software errors as they develop.
- March 29, 2006
Cenzic's Intelligent Analysis (CIA) research lab recently named the top five most serious Web application vulnerabilities for the month of February. The company's top five list includes vulnerabilities in many of today's most widely used business ...
- March 23, 2006
Web application security was one of the themes at Boston's SecureWorld, but both security tools vendors and attendees stress more education is needed among developers.
- March 08, 2006
WiKID Systems Inc. has released a WiKID Firefox extension, an authentication tool for WiKID-enabled Web sites.
- March 02, 2006
IBM, Novell and Parity Communications announced they are contributing code to an Eclipse project, code-named Project Higgins, which is developing a trust framework for user-centric identity management.
- February 21, 2006
Automated tools have their role in securing applications, but you can't rely on them totally. You also need skilled people to help identify vulnerabilities throughout the development lifecycle.
- February 20, 2006
A free tool was released last week that helps penetration testers and other security experts find SQL injection vulnerabilities. The application security tool SQL Power Injector is a graphical application that helps penetration testers inject SQL ...
- February 08, 2006
- February 01, 2006
Ajax applications are exposed to Web services security vulnerabilities, warns an alert from XML security vendor Forum Systems.
- January 12, 2006
Open source experts explain why CERT's damning report on Linux security is wrong. Then, they read between the lines and see that application security is in trouble.
- January 09, 2006
Web services security -- Chapter 8, OWASP Guide to Building Secure Web Applications and Web Services
Web services security issues and how to deal with those issues are addressed in this section of the OWASP Guide to Building Secure Web Applications and Web Services.