Building security into the SDLC (Software development life cycle)
News, tips and advice on how to build security into the software development life cycle so development teams can produce secure, quality software.

Application security enters uncharted regions
SearchSoftwareQuality.com | 03.27.2008
OPINION - The revelation that pacemakers can be hacked illustrates how software makers have to start thinking differently about application security and quality.

Developers get bigger role in software quality, security
SearchSoftwareQuality.com | 28 Jan 2008
ARTICLE - In the continuing drive to address quality and security early in the SDLC, two thought leaders in the automated source code analysis market are targeting products at the developer.

EXPERT TECHNICAL ADVICE: 1 - 3 of 119

BUILDING SECURITY INTO THE SDLC (SOFTWARE DEVELOPMENT LIFE CYCLE) EXPERTS

Ramesh Nagappan
Java Technology Architect, Sun Microsystems

Chris Wysopal
co-founder and chief technology officer, Veracode

PCI DSS compliance: WAF, code review or both?
02 Jul 2008
EXPERT ANSWER - Complying with PCI DSS requirement 6.6 means installing a Web application firewall or conducting a code review. Application security expert Caleb Sima explains which option is best and how to get the most out of your app sec ...

Application security careers have bright future
09 Jun 2008
EXPERT ANSWER - Application security expert Dan Cornell explains why companies are taking a greater interest in incorporating security into the SDLC, and how this trend affects those breaking into the software security field.

REFERENCE & LEARNING: 1 - 3 of 25

Web application security -- How to prevent attacks
20 Aug 2008
ALL-IN-ONE GUIDES - The battle against hackers is a difficult one. This guide introduces you to popular Web application attacks and provides tips, techniques and advice for keeping the bad guys out.

PCI DSS compliance: The basics
SearchSoftwareQuality.com | 03 Jul 2008
LEARNING GUIDE - PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6.

PCI DSS compliance: Code review
SearchSoftwareQuality.com | 03 Jul 2008
LEARNING GUIDE - Code review is a broad concept and those looking at this option for compliance will find plenty of information on the types of code review in this section of the guide.

Injection attacks -- Knowledge and prevention
Published by: SearchAppSecurity.com | 31 Oct 2006
PODCASTS - SQL injection is a major threat to application security, but what of other injection attacks? Caleb Sima dissects these exploits and offers astute prevention tips in this podcast.

The CLASP Application Security Process
Published by: Secure Software Inc. | 27 Jun 2006
DOWNLOAD - CLASP™ -- Comprehensive, Lightweight Application Security Process -- is a recognized best practices methodology that provides a well-organized and structured approach for integrating security requirements and ...

BEST WEB LINKS: 1 - 3 of 114

Are Java Web applications secure?
TheServerSide.com | 30 Jul 2008
BEST WEB LINK - This is an excellent paper that examines potential vulnerabilities in Java apps from every angle. Helpful graphs and illustrations abound. Ignore the grammatical quirks and mine this story for great information.

Reinvigorate your threat modeling process
MSDN Magazine | 01 Jul 2008
BEST WEB LINK - There are many things called threat modeling. Rather than argue about which is "the one true way," consider your needs and what your skills, abilities, and schedules are, and then work with a method that's best for you.

A guide to cryptography in PHP
DevX.com | 02 May 2008
BEST WEB LINK - Developers who are looking to build application security measures into their code should check out this informative how-to piece on encryption in PHP. Various available cryptography packages are discussed.