Software Integrity

Archive for December 2014

 

Fixing cross-site scripting: A developer’s guide (Java edition)

Top 3 things to know about XSS mitigation: Cross-site scripting (XSS) is a complex problem with many moving parts, but we want to highlight the most important “gotchas.” These are the Top 3: HTML escaping isn’t enough. It is important to understand that HTML escaping (using HTML entities) is not always the right solution to […]

Posted in Application Security, Secure Coding Guidelines, Vulnerability Assessment

 

McGraw asks who’s in charge of medical device security

In his latest SearchSecurity article, Gary McGraw discusses the risks behind medical devices that go deeper than patient data, including patient safety risk and, in the worst cases, death, which can result from the corruption of devices used to preserve patient life. All of these risks around medical devices are caused by the simple fact that […]

Posted in Financial Services Security, Healthcare Security, Mobile Application Security, Network Security, Software Security Testing