Home > Software Quality Tips > Application Security Book Excerpts > Fuzzing for Software Security Testing and Quality Assurance: Chapter 3, Testing for Quality
Software Quality Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

APPLICATION SECURITY BOOK EXCERPTS

Fuzzing for Software Security Testing and Quality Assurance: Chapter 3, Testing for Quality


Ari Takanen, Jared D. DeMott, and Charles Miller
07.25.2008
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Fuzzing for Software Security Testing and Quality Assurance As a registered member of SearchSoftwareQuality.com, you're entitled to a complimentary excerpt from Chapter 3 of Fuzzing for Software Security Testing and Quality Assurance written by Ari Takanen, Jared D. DeMott, and Charles Miller and published by Artech House. "Testing for Quality" explains how testing fits in the QA process, approaches to testing, and the main categories of testing.

Book description:
 Learn the code cracker's malicious mindset so you can find worn-size holes in the software you are designing, testing, and building. Fuzzing for Software Security Testing and Quality Assurance takes a weapon from the black-hat arsenal to give you a powerful new tool to build secure, high-quality software. This practical resource helps you add extra protection without adding expense or time to already-tight schedules and budgets. The book shows you how to make fuzzing a standard practice that integrates seamlessly with all development activities.

This comprehensive reference goes through each phase of software development and points out where testing and auditing can tighten security. It surveys all popular commercial fuzzing tools and explains how to select the right one for a software development project. The book also identifies those cases where commercial tools fall short and when there is a need for building your own fuzzing tools.

>> Read "Testing for Quality" now.

>> Buy the book

Rate this Tip
To rate tips, you must be a member of SearchSoftwareQuality.com.
Register now to start rating these tips. Log in if you are already a member.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Application Security Book Excerpts
Software Security Engineering: A Guide for Project Managers -- Chapter 3, Requirements Engineering for Secure Software
InfoSecurity 2008 Threat Analysis, Chapter 4: XSS Theory
Google Hacking for Penetration Testers, Volume 2: Chapter 6, Locating Exploits and Finding Targets
Ajax Security -- Chapter 6, Transparency in Ajax Applications
Fuzzing: Brute Force Vulnerability Discovery -- Chapter 12, Fuzzing Frameworks
Cross Site Scripting Attacks: XSS Exploits and Defense -- Chapter 5, Advanced XSS Attack Vectors
Static Analysis as Part of the Code Review Process -- Chapter 3, Secure Programming with Static Analysis
Security Metrics: Replacing Fear, Uncertainty, and Doubt -- Chapter 3, Application Security Metrics
Forms Authentication -- Chapter 5, Professional ASP.NET 2.0 Security, Membership, and Role Management
Securing JavaServer Faces Applications -- Chapter 15, JavaServer Faces: The Complete Reference

Software security testing and techniques
How to learn white box testing
Security vulnerabilities found in open source Java projects
Ajax security -- Is anyone listening?
Critical security issues found in the Spring Framework
Web application security and the PCI DSS
PCI DSS compliance: Web application firewalls (WAFs)
PCI DSS compliance: The basics
PCI DSS compliance: Code review
PCI DSS compliance: WAF, code review or both?
The realities of using WAFs for PCI DSS 6.6 compliance

Security Methods
Software Security Engineering: A Guide for Project Managers -- Chapter 3, Requirements Engineering for Secure Software
Google Hacking for Penetration Testers, Volume 2: Chapter 6, Locating Exploits and Finding Targets
Ajax Security -- Chapter 6, Transparency in Ajax Applications
Fuzzing: Brute Force Vulnerability Discovery -- Chapter 12, Fuzzing Frameworks
Static Analysis as Part of the Code Review Process -- Chapter 3, Secure Programming with Static Analysis
Security Metrics: Replacing Fear, Uncertainty, and Doubt -- Chapter 3, Application Security Metrics
Forms Authentication -- Chapter 5, Professional ASP.NET 2.0 Security, Membership, and Role Management
Securing JavaServer Faces Applications -- Chapter 15, JavaServer Faces: The Complete Reference
Hacking for Dummies -- Chapter 16, Web applications
Penetration testing techniques -- Chapter 6, Professional Pen Testing for Web Applications

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts