Software Integrity

Archive for 2010

 

BSIMM Community Conference

We just hosted the first-ever BSIMM Community Conference in Annapolis, MD this week. I’m proud to say it was a smash hit. The schedule was packed full of interesting talks from leaders among the BSIMM Community including Microsoft, Intel, Sallie Mae, JP Morgan Chase, QUALCOMM, Fidelity, Adobe and Cigital, but by far the most […]


Posted in Financial Services Security, Insurance Provider Security, Maturity Model (BSIMM), Security Conference or Event, Software Security Testing

 

Securing URL redirects

(This is a guest post by Synopsys consultant Mike Ware. The original post appeared on his blog, good code, secure software.) Can attackers control URL redirection functionality exposed by your application? Unvalidated Redirects and Forwards is #10 on the 2010 OWASP Top Ten list. Sites that are vulnerable often expose a servlet or server-side […]


Posted in OWASP, Secure Coding Guidelines, Software Security Testing