Cross-site scripting (XSS) bugs are a form of security defect unique to web-based applications that allow user data tied to the vulnerable web server’s domain, usually held in cookies, to be disclosed to a malicious third party. Hence the term “cross-site”: the cookie is transferred from a client computer accessing a valid, but vulnerable, web server [...]
Software security is about making software behave in the presence of a malicious attack even though, in the real world, software failures usually happen spontaneously, that is, without intentional mischief. Not surprisingly, the standard software testing literature is only concerned with what happens when software fails, regardless of intent. The difference between software safety and software [...]
Encryption (sometimes called enciphering) transforms original information, called plaintext or cleartext, into transformed information, called ciphertext, codetext, or simply cipher, which usually has the appearance of random, unintelligible data. The transformed information, in its encrypted form, is called the cryptogram.
When encryption is used to send messages, it is reversible. After transmission, when the information has [...]
A majority of risk analysis process descriptions emphasize that risk identification, ranking, and mitigation is a continuous process and not simply a single step to be completed at one stage of the development lifecycle. Risk analysis results and risk categories thus drive both into requirements (early in the lifecycle) and into testing (where risk results [...]
Ethernet sniffers are one of the most powerful tools in your network security arsenal. However, in the wrong hands they can be one of the biggest threats to the security of your network. It may be an insider or it may be a malicious intruder, but, nevertheless, once a system has been detected they will [...]
Although many people don’t consider code maintenance to be design work, our experience is that the way maintenance is carried out can make or break the security of a design. Similar to retrofitting security enhancements onto existing software, maintaining code should be handled with due care, again applying the same level of design scrutiny and [...]
Software security practitioners perform many different tasks to manage software security risks, such as:
Creating security abuse/misuse cases
Listing normative security requirements (and security features and functions)
Performing architectural risk analysis
Building risk-based security test plans
Wielding static analysis tools
Performing security tests
Performing penetration testing in the final environment
Cleaning up after security breaches
Three of these practices are particularly closely linked architectural [...]
Web attacks can take place on the user’s end, in which case they are called client-side attacks. Client-side web attacks include the following:
Malicious HTML tags in web requests
Malicious code in a form window can cause the server to generate pages that are unpredictable or dangerous if run on the server. Malformed pages sent back to [...]
The first step required in analyzing any software, whether new or existing, for risk is to achieve a full understanding of what the software is and how it works. For architectural risk analysis, this understanding requires at least minimal description using high-level diagramming techniques. The exact format used may vary from organization to organization and [...]
SQL injection is basically the insertion or “injection” of SQL queries and commands into input data, which can cause any number of insecure behaviors and user privacy violations.
Many e-commerce applications use a database of one type or another to store information. Whether this is product information, account information, or some other type of data, the database [...]