Software Quality Insights:

software security


October 5, 2012  6:03 PM

Hackers at work: Security testing at STARWEST

Posted by: Brein Matturro
security testing, Software Quality, software security, software test

by Jennifer Lent Frank Kim opened his STARWEST Conference session Security Testing: Think Like an Attacker by asking attendees how many of them were familiar with the concept of a cross-site scripting error. Virtually every hand in the room of 60 to 70 test professionals shot up. But...

July 8, 2010  8:53 PM

SQL injection flaw leaves door wide-open to valuable user information on a popular file sharing site

Posted by: Daniel Mondello
black hat hackers, Daniel Mondello, software security, SQL injection, website vulnerabilities

This week, a trio of hackers based out of Argentina uncovered various entry points into the popular (and controversial) file-sharing site Pirate Bay using SQL injection flaws contained in the site. The infiltration gained them access to upwards of four million user profiles containing...

November 3, 2009  12:12 AM

Checkmarx CTO on new compiler-free vulnerability scanner

Posted by: Jan Stafford
Checkmarx, software security, source code analysis tools

Recently, Checkmarx CTO Maty Siman filled me in on the new source code security scanner, Checkmarx Virtual Compiler. Designed to enable compiler-free, real-time source code vulnerability scanning, the tool promises to facilitate testing of code throughout the...

April 17, 2009  6:36 PM

Software security threats: Changing QA a must

Posted by: Jan Stafford
quality assurance, security threats, software security

Software quality assurance (QA) and software security teams have long been separate islands within development organizations. That division is giving data pirates carte blanche to compromise software, cyber-security industry veteran Barmak Meftah told me recently. “Today, we are witnessing...

February 26, 2009  1:58 PM

Better security through better visualization

Posted by: MichaelDKelly
data visualization, software security

I'm always excited when I stumble across an area which is an intersection of two of my favorite topics. Recently, I started reading Applied Security Visualization by Raffael Marty. In the book,...

February 5, 2009  2:20 PM

Does PCI compliance make your data secure? Nope.

Posted by: JackDanahy
PCI compliance, software security

Another week, another cascade of information pouring unintentionally out of another unwitting company -- this time it is Heartland Payment Systems.

As a result, Heartland customers will get letters letting them know that they should watch out for unexpected transactions; hundreds of man...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: