Content tagged as 'Security-Weaknesses'

Here is a list of all the content that has been tagged as security-weaknesses.

Workshop - Building Security Into Your Development Teams

Few organisations understand the secrets of shifting the focus on security from late in the software development life-cycle to within the Development Team. Not only does this significantly reduce the number of security defects being pushed to your production systems, but also significantly reduces the total cost of development. Cheapest place to deal with defects There have been many studies specifically looking at the costs of finding and fixing defects early, as opposed to the planning of how to fix defects once the product is delivered, or not planning at all.

Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.

Lack of Visibility in Web Applications

Not being able to introspect your application at any given time or being able to know how the health status is, is not a comfortable place to be in and there is no reason you should be there.

Consuming Free and Open Source

Redirects to legacy blog post.

This is where A9 (Using Components with Known Vulnerabilities) of the 2013 OWASP Top 10 comes in. We are consuming far more free and open source libraries than we have ever before. Much of the code we are pulling into our projects is never intentionally used, but is still adding surface area for attack. In this post we address the risks and countermeasures.