Software development: Building security in

By Kevin Beaver, Principle Logic | Development Add a new comment

May 09, 2006, 1:30 PM — When it comes to software security, the general perception is that including technologies such as firewalls, intrusion prevention systems, and malware protection throughout the software development life cycle is all that's needed to keep information secure in the end product. However, these technologies are mostly reactive in nature and don't prevent the vulnerabilities in the first place. Also, at the development level, there's a lot of talk about testing for buffer overruns, validating user input, using the principle of least privilege, and so on. These are certainly solid practices, but there's still a considerable gap when it comes to getting to the root of software flaws

Add a comment

From CIO.com

From CSO Online

Will Do Not Track kill the 'free' Internet?

8 comments
How to avoid being tagged as a terrorist: Don't pay cash for coffee

4 comments
How to kill Web trackers dead

3 comments
Even after rewrites, Google Wallet retains gaping security holes, mainly due to Android

3 comments
Sony shows power outlets that can control electricity by user, device, or source

3 comments

Older
|
Newer

ITworld LIVE

DariaJones12528 has just joined ITworld
ShojiitagakiXS_tw473572786 has just joined ITworld
crhylove_tw121250214 commented on Linux Mint 13 gets back to desktop basics
RightKlik_tw18925783 commented on Sony shows power outlets that can control electricity by user, device, or source
nkbflsfids9a commented on The Playstation Vita won't make phone calls, but a future Vita OS device might
nkbflsfids9a commented on Girl builds LEGO Millennium Falcon in about 4 hours (video)
nkbflsfids9a commented on Yahoo talks with Alibaba end abruptly; shares drop nearly 6%
nkbflsfids9a commented on The Ghostery in the machine: Tracking the trackers
nkbflsfids9a commented on Real-world superpowers: Eye surgery lets some see well into the ultraviolet
nkbflsfids9a commented on FSF asks web devs to ID JavaScript code
nkbflsfids9a commented on Move to mobile will bring big changes for Linux
nkbflsfids9a commented on RIM: Revival possible, or dead man walking?
nkbflsfids9a commented on Microsoft India store hacked, user database exposed
nkbflsfids9a commented on Is Google developing a Google TV+Music device?
nkbflsfids9a commented on Apple files complaint against Motorola in the US to prevent iPhone 4S litigation
nkbflsfids9a commented on FBI says social media monitoring won't infringe privacy rights
nkbflsfids9a commented on Sony shows power outlets that can control electricity by user, device, or source
nkbflsfids9a commented on Massive Air Force ERP software project still struggling
jnaze shared iPad apps for book lovers on Email
Cube commented on Sony shows power outlets that can control electricity by user, device, or source
Cube has just joined ITworld
Gerald Lau has just joined ITworld
ryanhellyer_tw14598449 commented on Chromebooks are the electric car of laptops
ryanhellyer_tw14598449 has just joined ITworld
rasel2011 has just joined ITworld
Mark Cummuta shared IT pay: Premiums for IT skills drop as IT departments reorganize on Twitter
robertoevans_tw16339975 commented on How to avoid being tagged as a terrorist: Don't pay cash for coffee
The white paper Guaranteeing 100% Backup Recovery was viewed
AppDevGuy asks How much will the security flaws in Google Wallet set back the transition to "digital wallets"?

DevelopmentWhite Papers & Webcasts

White Paper

HP NonStop SQL Fundamentals whitepaper

This whitepaper offers a detailed look into the fundamentals of HP NonStop SQL solutions. See how this system delivers unprecedented levels of application availability with fail-safe data integrity and meets the needs of enterprises with large-scale business critical applications.

White Paper