Coverity, Inc., the leader in development testing, recently announced the next-generation of Web Application Security technology that will empower software development teams to effectively address security defects in Java web applications.
The role of a security testing tool is to expose the underlying flaws in the design, development, deployment, upgrade, or maintenance of the application before it reaches the end users. Application security testing broadly includes Black Box or Penetration testing tools that test the software without the knowledge of the implementation of the application and White Box testing or Static Code Analysis tools that test the application based on its implementation.
This is in continuation to the article published earlier on Codenomicon Fuzz-o-Matic, as promised here is some more information on the tool collected after one-on-one with Bart Pestarino, CISSP Marketing Security Specialist and Head of North America Marketing, Codenomicon.
With increase in number of applications in SaaS and Mobile applications and security of information being top priority, importance of Security testing for cloud and mobile applications is increasing day by day. Veracode Inc., has announced the availability of a whitepaper.
Every few weeks, it seems like there’s another major security breach to the website, gaming system or native app of a big global brand. And that doesn’t even include the hundreds (thousands?) of hacks into the properties of smaller enterprises, SMBs and startups that consumers may (or may not) hear about.
In today's world where lot of websites, e-commerce businesses and government organisations are loosing out money/documents and other IMPORTANT information to Hackers, SmartBear's soapUI 4.0 introduces new features to test exactly those security loop holes.
XML Bomb, SQL Injection, Malformed XML, what do they all have in common?
Its easy to find on a day to day basis that your website is hit with numerous unwanted bots trying to sneek in, hack in all the time with malicious intent. As a website owner myself i get annoyed of such attempts although i realize my every attempt to add new line of code to the website has to be robust enough and has to be thoroughly tested for security to avoid any security vulnerabilities. Recently we started to do a bit of search around free and open source security testing tools available in the industry that development/testing community can use to identify security loop holes. Well if you are having similar issues, here are few of them you could use.