Software Security: Building Security In

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Malicious input

Management without measurement

Measurement

     importance of

     metrics in the RMF

     metrics program

     ROI (return on investment)

Memory Leaks phylum

Metrics. [See Measurement.]

Microsoft

     Bob

     Gates memo

     high-level commitment [See also Gates memo.]

     Nomenclature problems

     SDL (Secure Development Lifecycle)

     threat modeling versus risk analysis

     Trustworthy Computing initiative

Missing Access Control phylum

Missing Custom Error Handler phylum

Missing Error Handling phylum

Misuse cases. [See Abuse cases.]

Mitigation strategies

     defining 2nd

     penetration testing

     risks 2nd

     RMF

MLOCs3

MLOCs3^2+1

Mobile Code phylum

Mobile code, and extensibility

Monitor tools

MOPS tool

"More lines, more bugs,"

Moving left

Multithreading