Aug 1, 2007 | Security Testing, Testing
By integrating security assurance into the software lifecycle, you can improve product quality—and avert disaster! At the peak of the dot-com boom, my firm consulted extensively for large organizations concerned about the risks of Internet-based applications. My...
Aug 1, 2007 | Security Testing, Testing
As I write this, I’m thinking of last night’s midsummer classic—the 2007 All-Star Game—in which the National League was an extra base-hit away from a dramatic ninth-inning, come-from-behind win. But alas, the American League will again have home-field...
Aug 1, 2007 | Security Testing
Implementing User Role-Based Security Testing For Enterprise Applications
Security has become a critical issue at many levels, including access to individual computers, networks, services, applications and accounts. News reports of security breaches are all too...
Feb 1, 2007 | Security Testing, Testing
When we met, we both worked at the same Fortune 500 security company. Unknown faces to each other in a large corporation, we reported to the same senior VP. That day, we both attended an all-day company technical exchange meeting. Chris was one of the project...
Feb 4, 2006 | Security Testing, Testing
Over the past few years, we have seen data security moving away from the database layer into the application/business logic layer. In a two-tiered environment, the presentation layer used the authentication and authorization mechanism of the database management system...
Dec 1, 2004 | Security Testing, Testing, User Acceptance
Web applications are vulnerable right through the front door—by hackers who subvert data entry fields, hijack URLs and grab the file system. Here’s how to stop ’em. Enterprise software faces a wide variety of threats and security risks. But none of these threats is...