The CWE/SANS Top 25 is a list of the most dangerous common software errors that can leave your application vulnerable to bad actors. It’s put together by MITRE and the SANS Institute as part of the Common Weakness Enumeration (CWE) project. The list can help ...
Today’s app development processes are not complete without security integration. Security standards provide safeguards for companies to secure their apps and software from cybersecurity threats. NIST, OWASP, WASC, SEI CERT C and J, CWE, and BIZEC are part of ...
Almost all modern software contains at least some open-source components. Open-source software simplifies the development process and speeds up the software development timeline. It’s also cost-effective in most instances because it’s free to use. However, op...
Originally developed by the UK government’s “SafeIT” program and later expanded by the automotive industry, the Motor Industry Software Reliability Association (MISRA) sought to develop a C programming language subset — or “coding stan...
C# OWASP Top 10: How to Discover Vulnerabilities in a C# Web Application
In this article, you’ll learn the top 10 security issues in web applications, as defined by the Open Web Application Security Project (OWASP Top 10 – 2017). For each issue, you...
Many applications provide a services layer (to other applications, to a presentation layer, etc.). Or, they consume services exposed by third parties (not necessarily trusted). A REST model is a simple, widely used way to design such service layers. This ...
Legacy “business-oriented” languages present unique challenges for software security. Unfortunately, there is a lack of awareness about the security risks of these languages. In this post, we will focus on the security vulnerabilities inherent in busin...
Application security is no longer an afterthought. Developers now prioritize security due to the exponential risk of cybercrime. Developers need to pay more attention to security as it is a crucial aspect of app development. Using application security solutio...
Kiuwan’s latest release now includes coverage for Python. Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van Rossum. Van Rossum is Python’s principal author, and his continuing central role in deciding the direc...
Reusing code is normal in software development, but this practice makes the code less maintainable over time and can introduce defects. As we write an application, very similar or identical code fragments begin to appear. These fragments are know...
Veracode, recognized as a “Leader” in the Gartner Magic Quadrant for Application Security, now supports COBOL and RPG with technology from Optimyth Software (the creators of Kiuwan). In their own words: “As a further step in extending the capabilities of its platform,...