Tips

Building security into the SDLC (Software development life cycle)

The complexities of mashup development

Web services mashups can enhance application function. However, there are some security and legal issues you should be aware of. Continue Reading
Shell script security: Protecting your code

Shell scripts are vulnerable to bugs and exploits like any other programming language. Learn how to secure your script and protect your applications with these tips from James Turnbull. Continue Reading
Challenges of two-factor authentication

Two-factor authentication offers many security benefits, but can be expensive and ineffective if not implemented carefully. In order to secure your apps, choose your authentication methods and tools wisely. Continue Reading
The importance of input validation

Web applications are vulnerable if you don't practice input validation. Learn how to prevent application attacks such as buffer overflow, SQL injection and cross-site scripting. Continue Reading
Buffer overflow tools facilitate application testing

Web applications are the conduit for buffer overflow attacks on the Web server. As such, it's imperative to make sure your applications cannot be exploited. These tools can help you out. Continue Reading

Hacking for Dummies -- Chapter 16, Web applications

Web application security is the subject of this free book excerpt. Kevin Beaver reviews application vulnerabilities, exploits, malware and countermeasures. Application hacks covered include insecure login mechanisms, directory traversal attacks and ... Continue Reading
Find Ajax security flaws using tests

Ajax security problems can be found by doing manual tests. What should you look for in order to prevent an attack? Andres Andreu provides some advice in this tip excerpted from the book Professional Pen Testing for Web Applications. Continue Reading
Integrating application security with application delivery

Application security should be integrated when planning your application infrastructure and investing in software development and equipment, Amir Peles warns. Neglecting application security leaves your applications open to exploits. Continue Reading
SQL injection: Secure your Web applications

SQL injection exploits wreak havoc on vulnerable Web sites. Expert Caleb Sima explains how to protect your applications against these popular and destructive injection attacks. Continue Reading
Software patching principle

Even if a company does all that it can to create perfect software, inevitably some vulnerabilities slip by. That's why it's essential to have an incident response process, as well as a plan for software patching. Continue Reading
CRLF injection attacks: How they work and what to do about them

CRLF injection exploits aren't as famous as SQL or LDAP injections, but they're just as damaging to vulnerable applications. Learn how this attack works and what you can do to defend your apps. Continue Reading

Adding 'fudge' to your passwords

Safe passwords are integral to Web application security. Unfortunately, recalling many complicated passwords is difficult. If you must write down your passwords to remember them, use this tip to create a safer password record. Continue Reading
Secure applications require security-aware end users

Having secure applications requires more than eliminating vulnerabilities in your code. Columnist Ken Salchow Jr. says end users must also understand that their actions can have serious security repercussions -- and companies need to provide ... Continue Reading
Ajax in Action -- Chapter 7, Security and Ajax

"Security and Ajax" looks at the issue of security in Ajax from a number of angles. Ajax is a Web technology and many of the issues that it faces are no different from any other Web app. This chapter covers the basic ground, concentrating on ... Continue Reading
Input Validation Attacks -- Chapter 6, Hacking Exposed Web Applications, Second Edition

Input validation routines serve as a first line of defense for a Web application. Buffer overflow, directory traversal, cross-site scripting and SQL injection are just a few of the attacks that can result from improper data validation. This chapter ... Continue Reading

Tips

Tips

Building security into the SDLC (Software development life cycle)

The complexities of mashup development

Shell script security: Protecting your code

Challenges of two-factor authentication

The importance of input validation

Buffer overflow tools facilitate application testing

Hacking for Dummies -- Chapter 16, Web applications

Find Ajax security flaws using tests

Integrating application security with application delivery

SQL injection: Secure your Web applications

Software patching principle

CRLF injection attacks: How they work and what to do about them

Adding 'fudge' to your passwords

Secure applications require security-aware end users

Ajax in Action -- Chapter 7, Security and Ajax

Input Validation Attacks -- Chapter 6, Hacking Exposed Web Applications, Second Edition

-ADS BY GOOGLE

SearchCloudComputing

The future of the Kubernetes ecosystem isn't all about cloud

Evaluate general and niche cloud service use cases

Compare niche cloud services to the hyperscale offerings

SearchAppArchitecture

A guide to open source technology in application development

Finding the right fit for business process automation

Business process automation software requires a strategy

SearchITOperations

Put infrastructure automation at the heart of modern IT ops

Geek gifts 2019: Think Opex, not Capex with subscriptions

Dynatrace monitoring faces market ambivalence in NoOps push

SearchAWS

Prepare for an AWS outage with these preventative steps

AWS seeks niche in the cloud UC market

National Australia Bank cashes in on AWS training and certification