SecurityRatty: tag: developers

Encryption Presentation - .NET Developers Group - NYC Microsoft Offices - June 21st

2007-04-02 06:46:00 by Eric Marvets in The Security Samurai

...Developers Group on Thursday, June 21, 2007 . Its a similar presentation to the one Ive done for a number of user groups in the Southeast. I made this presentation as a response to the flood of online code snippets for encrypting data. While they are all fairly easy to use, they dont explain what they do and often developers think their data...

Tags: encryption, presentation, level encryption basics, similar presentation, net developers, developers, symmetric, symmetric algorithm, symmetric encryption

Who Benefits from Log Standards? Part II - Application Developers

2007-12-04 17:28:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...developers whose products generate logs ] will be able to decrease cost associated with logging and reuse log libraries. Vendors could move away from encouraging developers from picking log messages on a closest-fit basis from a limited, product-specific message index. Furthermore, the generation of these log messages could be bases on a...

Tags: application software vendors, software vendors, log standards, standards, vendors, log management vendors, log management, developers, log management people

DNS patches cause problems, developers admit

2008-07-29 13:00:00 by Editor in Computerworld Security News

Developers acknowledged that there were problems with the July 8 fix that was rolled out as part of a multivendor update to patch a cache poisoning flaw discovered months before

Tags: developers, fix, flaw, july, multivendor, patch, cache, months

Spring Web Flow 2: A boon to JSF developers

2008-11-11 00:00:00 by HASH0x8b2c788 in Network World on Security

Spring Web Flow 2 seems tailored to the needs of JSF developers, and it smoothes out Spring MVC on the front end. Dr. Xinyu Liu explains how new support for Ajax, validation, persistence, and security facilitates the development of rich Web applications using SWF 2

Tags: web flow, jsf developers, rich web applications, xinyu liu explains, support, front, mvc, validation, persistence

Who do you train and how do you train them?

2008-12-04 13:45:34 by Gunnar Peterson in 1 Raindrop

...developers as well as their top people. I think there is validity to both, because security is a system problem, but the approaches you use are slightly different. In the case of getting the general developer population up to speed you usually want to aim for a checklist type approach and give the developers something like a cookbook full of...

Tags: security, software security, security people, motley fool, security architecture framework, motley fool business, people, top people, framework

Proxy Caches are a Challenging Threat to Internet Security

2008-10-05 10:41:52 by Tim Bass in The Complex Event Processing Blog

...developers have no control over proxy caches in the Internet. However, developers do have control of the code they write and their admin teams have configuration control of their web servers. Developers must assume the worst case Internet scenario with aggressive Internet cache management policies that serve cached data for economic and...

Tags: proxy caches, security, web developers, developers, internet, application developers, security flaws similar, session management code, code

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop

...developers, CRM, ERP, etc Data: all the resources invested in databases, DBAs, etc Tally up each layer. If you are like most business you will probably find that you spend most on Applications, then Data, then Host, then Network Then do the same exercise for the Information Security budget Network: all the resources invested in network...

Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space

Web 2.0 Security - The Beginning of the End or The End of the Beginning

2008-05-29 15:26:12 by Gunnar Peterson in 1 Raindrop

...developers, I always ask how many are familiar with OWASP. Less than 20% are in my experience, and of those percentage most only know the OWASP Top Ten. If you have not read the guide and understood the concepts, it is really hard for me to see how your app is going to have anything more than cardboard walls level of security. Sadly, a lot...

Tags: people, software security people, software security, software security team, security, security people, web, security support, architecture

Building secure application

2008-10-02 06:35:44 by RaviC in Musings on Information Security

Developers have the objective of building a functional application. They are focused on building more functionality into applications. Moreover, building security creates more workload for Developers which is a disincentive and moreover, Developers are rewarded for building more functionality than building more security. I have never seen a...

Tags: application, secure application, functional application, secure application inside, access application data, penetration, whitebox style penetration, developers, hackers traverse outside-in

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo