Application Security
Yahoo had a promotional offer where if you deposited USD $30 into an advertising account, Yahoo would then add an additional USD $50 to that account. The sign-up process could be circumvented in such a way that failing to deposit the requisite...
Visit the Java Open Review, an open source project sponsored by Fortify Software which uses Fortify SCA tools and Findbugs to look for defects in software – as a service. It publishes aggregated statistics but has a "responsible disclosure policy", which...
The Microsoft .NET framework comes with a request validation feature, configurable by the ValidateRequest setting. ValidateRequest has been a feature of ASP.NET since version 1.1. This feature consists of a series of filters, designed to prevent classic...
The following article discusses, step by step, how to implement an antivirus solution (scanning files for viruses) in Java, particularly in JEE applications. http://www.developer.com/design/article.php/3711331
The following site presents a taxonomy of software security errors developed by the Fortify Software Security Research Group. Each vulnerability category is accompanied by a detailed description of the issue with references to original sources, and code...
As of today, I have completed integrating security into the standard SDLC to prevent security bugs from appearing in released applications. SEI CMMI Version 1.1, Maturity Level 5 Process has been updated with security tests/tools/guidelines/templates to ensure...
The following Java program compares the customer balance with the minimum balance. If the customer balance is higher than the minimum balance, the customer gets a special discount. //Integer overflow & underflow example int min_balance = 25000; int cust_balance...
For file upload in your application, one important thing that you must consider is security, as improper design and configuration will make your application vulnerable to attacks. Here are a few security tips that may be useful to you. • File Size – Have...
Business rules in client web pages (away from data) ================================== Developers tend to do this. But when a business rule changes, you need to recompile and redeploy the web applications. Eventually, if you expose data through web service...
The following are some of the essential security skills that Java programmers need: Input handling. To protect their code against cross-site scripting, SQL injection and similar attacks, Java programmers must be able to write programs that read input from...