News (245)

Microsoft gives coders a bug finder

Web developers in need of another set of eyes to check their code for security holes should soon be able to add an application scanner to Microsoft's Visual Studio .Net. Read more »

Linux guru argues against security liability

Alan Cox, one of the leading Linux kernel developers, has told a House of Lords hearing that neither open- nor closed-source developers should be liable for the security of the code they write. Read more »

Microsoft's leaner approach to Vista security

Microsoft is talking up support for hardware-based security in Windows Vista, though only a sliver of the company's original plan will make it into the operating system. Read more »

Image flaw pierces PC security

Six vulnerabilities in a common code that handles an open-source image format could allow intruders to compromise computers running Linux and may allow attacks against Windows PCs as well as Macs running OS X. Read more »

Microsoft bug-checking tools promise fewer crashes

Microsoft is readying two tools to help hardware makers create more stable and secure Windows drivers, which should help reduce the number of crashes. Read more »

Microsoft releases 'critical' patches

Microsoft released a higher-than-usual number of monthly updates, more than half of which were given the software company's highest rating of "critical." Read more »

Linux keeps dodging hackers and viruses

Survey: Fewer than one in four Linux developers say they have been hacked and even fewer have been infected by viruses. Read more »

Danger level rises for Perl flaws

A type of security flaw in Perl applications that experts thought could lead only to a denial-of-service attack is now believed to be much more serious. Read more »

Microsoft pretties Office for business apps

Office Business Applications is meant to encourage third-party application providers to write code that will integrate closely with Microsoft Office applications. Read more »

BEA woos nontechies with new software

Facing slowing sales to its traditional customers, BEA Systems is trying a new route: pitching its software to nontechnical businesspeople frustrated by the slow pace of IT change. Read more »

More Application, Code, Secure News Results

Features (323)

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Develop applications that prevent intrusion

Designing secure applications requires developers to look beyond their own code. Accessing APIs or COM objects or establishing system privileges can result in security vulnerabilities that can be prevented. Read more »

How to build secure ASP.NET applications

ASP.NET provides several ways to protect your Web-based app from attack. Here's an overview of authentication, authorisation, and role-based security. Read more »

Web application security frameworks (WASF), Part 1: Introduction

Often you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. This first article in the series introduces you to the three most often used methods. Read more »

Ask Chuck: ASP.NET best security practices

What best practices should you follow for an ASP.NET application? Our resident .NET expert Charles Sterling offers this quick tip. Read more »

Follow these steps to secure your data layer

A secure data layer is essential for a truly secure application. Learn how to nurture a secure environment for the pivotal Data tier of your application with the correct tools. Read more »

CGI wrappers for Apache-based apps can boost security

CGI scripts represent a big potential security risk in Web development, but using CGI wrappers can help insulate your servers from attack. Here's an outline of how to create CGI wrappers to protect an Apache Web server. Read more »

Windows Application Verifier can help you build better code

If you're building an application, it's likely that you'll want it to play nice with Windows. Microsoft's Windows Application Verifier can ensure that your application will work with current and future versions of Windows. Read more »

Security through obscurity won't secure your code

Most applications use some form of security through obscurity, but you should avoid it when writing your apps. ZDNet Australia offers these tips on how to tighten up your code. Read more »

Web application security frameworks (WASF), Part 2: Database lookup

Often, you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. Continuing our series on Web app security, we explore the database lookup framework. Read more »

More Application, Code, Secure Features Results

Blog (13)

AJAX applications and security

Lana Kovacevic [blogs:webanatomy] -- Douglas Crockford, the creator of JSON, gave a talk entitled "AJAX Security" at the recent Web Directions South conference. In this talk, Crockford discussed some of the security concerns with AJAX applications and what can be done to address them. Read more »

Application Threat Modeling v2

[blogs:] -- Threat Modeling has become one of the most important ways to increase the security of your application development projects. It allows you to understand the threats you will face, and implement countermeasure in a consistent, reliable way. If you only do one thing to improve yoru development processes, Threat Modeling should be it. Now with the new ACE Threat Modeling methodology and tools, it's easy to do as well! Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

Google to allow third party code in Gmail?

Brendon Chase [blogs:codemonkeybusiness] -- According to executives from the company, Google are preparing to open Gmail to developers outside the Googleplex labs. Read more »

Azure: A matter of trust

Brendon Chase [blogs:codemonkeybusiness] -- Ray Ozzie hit the nail on the head when he said Azure's success will hinge on trust. Who outside (and inside) the core circle of ISV trust Microsoft? Read more »

Firefox 3 add-ons to make you a better Web developer

Brendon Chase [blogs:codemonkeybusiness] -- Firefox might be a fast browser but it's extensions can transform it into a powerful development tool for Web developers and designers. Here are 10 of the best to get you started. Read more »

Are your Web apps ready for the next-gen browser war?

Brendon Chase [blogs:codemonkeybusiness] -- Webkit, Firefox, and Internet Explorer are all scheduled to update their browsers in 2008. Are you ready for Web dev test fest 08? Read more »

The Portal of the Future

Lana Kovacevic [blogs:webanatomy] -- At this year's Gartner Application Development, Integration and Web Services Summit, I attended Gene Phifer talk: "Portal of the Future: What's Beyond Web 2.0?". Read more »

Internet Exploder

David McAmis [blogs:theneteffect] -- Most developers knew this day would come-- a new version of Internet Explorer comes around and suddenly, the web application you have spent months crafting falls into a heap. No wonder people call it "Internet Exploder". Read more »

Nokia starts trolling

Staff [blogs:syslog] -- This week Builder AU is on the road at linux.conf.au 2008 in Melbourne -- but before we get into all that is happening here, there is the small matter of Trolltech. Read more »

More Application, Code, Secure Blog Results

Log in


Sign up | Forgot your password?

Blogs

RSS feed

What's on?