WHITE PAPER:
This paper explains why and how to apply static analysis tools in the context of a policy-based security process that not only prevents security vulnerabilities, but also focuses on SDLC productivity.
EGUIDE:
Software development teams are often faced with requirements to add new features to an existing code base. For many reasons, this sort of work can entail a lot of risk. This Expert Tip examines mistakes in managing the requirements process and how these mistakes can be avoided by looking at requirements from the perspective of all team members.
WHITE PAPER:
Read this paper to learn 11 best-practice peer code review tips to optimize review sessions, improve code, and make the most of valuable time. Some of the key findings include how many lines of code you should review in an hour, annotating code before you begin reviewing, leveraging a checklist system, and more.
WEBCAST:
Access this resource for an overview of an online course on CWE-497, which discusses the weaknesses caused by exposure of system data to an unauthorized control sphere. Learn the security impact of this weakness with examples of code to demonstrate the danger to your application security.
WHITE PAPER:
Most companies do not have time to thoroughly investigate all of the potential attack targets inside an application. This white paper explains how the use of software security analysis (SSA) and path methodologies can help you identify vulnerable code and improve application security.
EBOOK:
This insightful e-book provides in-depth best practices and advice on how to catch code errors before they are able to cause bigger problems within your organization. Read more inside to uncover new tools designed to make the QA process faster and easier.
WHITE PAPER:
This paper provides a detailed description of injection vulnerabilities, discusses how they present themselves to both end users and software developers, and explains mitigation strategies to help resolve the various types of injection attacks.
CASE STUDY:
Access this brief case study to learn about the strategy that allowed the application developers at NetworkedAssets to cut down on downtime from redeploys and increase their team velocity by 40%. Discover how to instantly view and test your code changes without the need for any delays.
EBOOK:
SAP upgrades are a perennial challenge - especially for organizations with many instances or customizations. The struggling economy has also made it all the more difficult to make a case for a technical SAP ERP upgrade. But maintaining upgrade best practices and avoiding mistakes can help avoid costly downtime and issues during upgrade projects.
WEBCAST:
This course begins with an overview of improper validation of array indices. It describes the security impact of the weakness and provides a technical description of the issue, along with code examples to show the vulnerability. Finally, the course describes the remediation strategies available to mitigate the weakness described by CWE-129.