Secure Software Development news, help and research


	Secure Software Development


	Home > Security Topics > Application Security > Secure Software Development > Expert Technical Advice

Security Topics:

EMAIL THIS

TOPICS HOME

BROWSE ALL SECURITY TOPICS

SECURITY INFO CENTERS

RESOURCE CENTERS

RSS FEEDS


Secure Software Development



IN THIS TOPIC:	NEWS (85) , EXPERT TECHNICAL ADVICE (29) , REFERENCE & LEARNING (10) , MAGAZINE CONTENT (14) , WEBCASTS (3) , DEFINITIONS (6)

Display in sets of:


1 - 10 of 29 in Expert Technical Advice		<< Previous page 1 2 3 Next >>



SECURE SOFTWARE DEVELOPMENT EXPERTS



			Michael Cobb Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION


	Which automated quality assurance tools can be used to test software? 09 Jun 2008 EXPERT ANSWER - If your application development process is not yet addressing security at all six phases of the lifecycle, now is the time to start. Application security expert Michael Cobb explains which quality assurance tools can help.


	Will Cisco's plan to open access to the IOS improve network security? 21 Apr 2008 EXPERT ANSWER - If Cisco's initiative pans out, we're likely to see a number of new network management tools that integrate with IOS. Mike Chapple explains why that centralization will be a security improvement.


	Best practices for using restriction policy whitelists 02 Apr 2008 EXPERT ANSWER - Ed Skoudis discusses which systems should be considered for software restriction policy whitelists, and unveils how whitelisting can improve security.


	What software development best practices can prevent input validation attacks? 11 Feb 2008 EXPERT ANSWER - Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices.


	Enterprise security in 2008: Building trust into the application development process 10 Jan 2008 TIP - Michael Cobb explains why application security pros need to keep a closer eye on their organizations' code-builders in 2008.


	Cross-build injection attacks: Keeping an eye on Web applications' open source components 06 Dec 2007 TIP - Michael Cobb explores cross-build injection and explains why application architects may need to investigate the open source components of their Web applications.


	Can fuzzing identify cross-site scripting (XSS) vulnerabilities effectively? 23 Oct 2007 EXPERT ANSWER - Fuzzing may find weaknesses in software, but the testing process can't find every flaw. Ed Skoudis explains what other tools are necessary when looking for cross-site scripting vulnerabilities.


	How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities 13 Sep 2007 TIP - Dangling pointers should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how the threat has grown.


	Can dynamic and static verification secure a platform? 26 Jul 2007 EXPERT ANSWER - The best software testing approach is to use a combination of static and dynamic verification tools that continually check for technical and logical vulnerabilities during the development cycle. Expert Michael Cobb examines ...


	Should third-party software tools be used to customize applications? 25 Jul 2007 EXPERT ANSWER - Many features and functions required for today's network-ready applications can be purchased at a fraction of the cost that it would take to build them independently. But are they safe enough? Application security expert ...


1 - 10 of 29 in Expert Technical Advice		<< Previous page 1 2 3 Next >>

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Advanced Search | Site Index

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy