- Software [In]security: You Really Need a Software Security Group
- Dec 21, 2009
- Gary McGraw explains why having a software security group is necessary for a software security initiative.
|
- SSH Issues: Does Installing SSH Enable More Exploits Than it Solves?
- May 26, 2006
- SSH, the wonder tool of the security set, is misused by your users more easily and more often than you may think. John Traenkenschuh points out how well-intentioned administrators are using SSH to create gaping holes in their own security, and what you can do about it.
|
- Static Analysis as Part of the Code Review Process
- Nov 16, 2007
- Learn why static analysis tools should be part of your security code review process.
|
- Stuart McClure's Daily Security Tips for the Week of November 11th
- Nov 8, 2002
- Take a tip from Stuart McClure, the lead author of the best-selling, critically acclaimed security book, "Hacking Exposed." This week, Stu shares some web security tips for systems and network managers.
|
- Stuart McClure's Daily Security Tips for the Week of November 18th
- Nov 15, 2002
- Combat potentially costly security threats with advice from security expert and Foundstone CTO Stu McClure.
|
- Stuart McClure's Daily Security Tips for the Week of November 4th
- Nov 1, 2002
- Systems and network managers — combat potentially costly security threats with advice from Foundstone's Stu McClure.
|
- Stuart McClure's Daily Security Tips for the Week of October 21st
- Oct 18, 2002
- Take a tip from Stuart McClure, the lead author of the best-selling, critically acclaimed security book, "Hacking Exposed." This week, Stu shares some web security tips for vendors and developers.
|
- Stuart McClure's Daily Security Tips for the Week of October 28th
- Oct 25, 2002
- More hot tips from world-renowned security expert Stuart McClure! This week, Stu shares some web security tips for developers and network managers.
|
- The Real Cost of Insecure Software: The Foundation of Civilization
- Dec 28, 2007
- David Rice discusses the perilous state of software security in this introduction to his book, Geekonomics.
|
- The Role of Architectural Risk Analysis in Software Security
- Mar 3, 2006
- Design flaws account for 50% of security problems. You can’t find design defects by staring at code—a higher-level understanding is required. That’s why architectural risk analysis plays an essential role in any solid software security program. Find out more about architectural risk analysis in this sample chapter.
|
- The Role of Computer Forensics in Stopping Executive Fraud
- Oct 1, 2004
- Virtual evidence is an important part of nearly every modern corporate crime investigation, and proper handling of that evidence can mean the difference between a conviction and a criminal walking free. In this chapter, you'll learn how to properly investigate computer evidence in a corporate environment.
|
- The Theory of Cryptography
- Jun 4, 2004
- One of the essential ingredients of e-business and enterprise computing is cryptography, which plays a critical role in J2SE and J2EE security. This chapter describes secret-key and public-key cryptographic systems as related to Java 2 Enterprise Edition, in a way that's meant to demystify the concepts and terms surrounding cryptography.
|
- Top 4 Software Development Protection Techniques and How to Defeat Them
- Dec 7, 2009
- Knowing weaknesses in different protection methods can help you choose the best techniques to safeguard your intellectual property.
|
- Trojan Horses
- Dec 12, 2003
- Malware expert Ed Skoudis discusses Trojan horses, which are computer programs that appear to be benign, but really include hidden malicious code. He outlines different types of Trojan Horses and how to protect against them.
|
- Understanding Locks and Keys in Cryptography
- May 18, 2001
- Cryptography is both the lock and the combination (or key) that can be used to help protect your data. There are a variety of cryptographic methods and keys. Together, the method and the key determine cryptographic security.
|
- Upgrading Software Development Security
- Apr 5, 2002
- Information security expert Scott Barman discusses how to create a secure development program within an existing software development process. Organizations such as Microsoft may need to consider such policies in their heightened concentration on security.
|
- Warez All that Pirated Software Coming From?
- Nov 1, 2002
- In this world of casual piracy, many people have forgotten or just never realized where many software releases originate. Seth Fogie looks at the past, present, and future of the warez industry; and illustrates the simple fact that "free" software is here to stay.
|
- What Bill Gates Says About Security
- Nov 13, 2003
- Microsoft product managers at the PDC hammered home the idea that code has to get better, and that buffer overruns are caused, basically, by sloppy programming. But Bill Gates said, "You don't need perfect code to avoid security problems." Not if you use firewalls and keep your software up to date.
|
- What Is Surreptitious Software?
- Aug 11, 2009
- Christian Collberg and Jasvir Nagra discuss the basic techniques used to protect secrets stored in software.
|
- Why Is Security a Software Issue?
- Jun 2, 2008
- This chapter discusses why security is increasingly a software problem.
|