Software Security: Building Security In

Index

Password in Configuration File phylum 2nd

Password Management phylum

Passwords

     Empty Password in Configuration File

     Hard-Coded Passwords

     Password in Configuration File 2nd

     Password Management

Path Manipulation phylum

Path Traversal phylum

Penetration testing

     and risk-based security testing

     application

     benefits of

     by reformed hackers

     constructive/destructive nature

     current practices

     description

     examples 2nd

     feedback from

     flyover

     improved practices

     iterative testing

     last check, not first check

     limitations of

     mitigation strategies

     "pretend security" solutions

     repeatable results

     results interpretation

     software developers and information security practitioners

     testing for negatives

     tools for

         APISPY32

         attackers

         breakpoint setters

         CANVAS

         Cenzic

         control flow

         coverage

         decompilers

         disassemblers

         fault injection

         Hailstorm

         Holodeck

         monitors

         rootkits

         shell code

     value of 2nd

People in the security process. [See Security professionals.]

Perimeter defense

Personnel. [See Security professionals.]

Phyla. [See Taxonomy of coding errors, phyla.]

Pillars of software security 2nd

Pitfalls to software security

PLOVER (Preliminary List of Vulnerability Examples for Researchers)

Prescriptive knowledge

"Pretend security" solution

Principles, knowledge catalog 2nd 3rd

Privacy Violation phylum

Private Array-Type Field ... phylum

Privilege Management phylum

Problems. [See Bugs; Causes of problems; Defects; Flaws.]

Process agnostic best practice 2nd 3rd

Process Control phylum

Public Data Assigned ... phylum
