Tips

Tips

Software Security Testing Tools

• Tutorial: Installing and running Selenium-RC in Perl

  Used in conjunction with Selenium's online tutorials, this tip will provide additional guidance on how to start out with Selenium RC in Perl regardless of your platform or server. Once you have Selenium set up, this tip explains how to create and ...  Continue Reading

• Beefing up SSL to ensure your applications are locked down

  Even though SSL is an aged technology, most Web-related fears should lie elsewhere, says an expert. This tip explores where the real compromises are in Web security whether it is compliance issues, older SSL versions, cookies or weak encryption ...  Continue Reading

• Network security: Analyze your hosts and ports with nmap, Nessus, and netcat

  Application expert explains security testing tool options like nmap, Nessus and netcat to keep your software safe and secure. According to Chris McMahon some of the key areas to focus on when using open source tools are your ports, IP address and ...  Continue Reading

• Security best practices for today's Web applications

  Web 2.0 and Rich Internet applications, though great functionality-wise. can place many complications in the way of Web security. In this tip, a Web security expert explains where problems can occur and what free tools are available to avoid issues.  Continue Reading

• Application security checklist: Finding, eliminating SQL injection flaws

  Seeking out SQL injection issues and entry-ways? This application security checklist shows ways to identify susceptible application areas and kill flaws. Web 2.0 application security expert Kevin Beaver explains how to discover SQL injection issues,...  Continue Reading

• Free tools for Agile testers

  A software expert describes the benefits and restrictions of free agile testing tools in this tip. Learn how to use and locate Selenium IDE, Sun VirtualBox and Pivotal Tracker. Knowing how to effectively run these tools and which ones function best...  Continue Reading

• Rich Internet applications security testing checklist

  Fix common RIA and Web 2.0 application problems typically caused by Ajax, Flash and other technologies with these tips. Software expert Kevin Beaver explains why add-ons, plug-ins and multimedia features are causing more security flaws.  Continue Reading

• Finding cross-site scripting (XSS) application flaws checklist

  Cross-site scripting (XSS) is a major concern, it can be unpredictable and requires multiple tools to test it . Expert Kevin Beaver sheds light on the history of XSS issues and recommends tools to prevent XSS application issues.  Continue Reading

• Essentials of static source code analysis for Web applications

  Running security analysis tools against your source code has been the cornerstone test method for years, but many do not understand the value of testing in this way, or the money it can save you.  Continue Reading

• Spotting rich Internet application security flaws with WebGoat

  Learn how Web 2.0. and other rich internet application security flaws are missed by automated tools that can easily be spotted with webgoat and similar free online tools. Learning how to use these tools can be a career asset, according to expert ...  Continue Reading

• Commonly-overlooked security flaws in rich Internet applications.

  No matter how much security testing, scanning, and hacking you do, odds are you won't uncover every weakness. Rich Internet applications are just too complicated.  Continue Reading

• 10 steps to acing Web app security assessments

  Strengthen your Web application security assessments and testing with these 10 tips from IT security expert Kevin Beaver.  Continue Reading

• Hack maliciously to boost your software's security

  Secure your applications by hacking your software as maliciously as criminals do, advises IT security pro Kevin Beaver in this how-to tip.  Continue Reading

• Testing rich Internet applications: 2009's best free tools

  Battle security threats to Ajax, Web services and other software with these free tools for testing rich Internet applications .  Continue Reading

• Using the Firefox Web Developer extension to find security flaws

  Originally a tool for tweaking and troubleshooting Web pages, Firefox Web Developer has evolved over the years into a formidable tool for manually uncovering security flaws.  Continue Reading