SecurityRatty: tag: developers

Encryption Presentation - .NET Developers Group - NYC Microsoft Offices - June 21st

2007-04-02 06:46:00 by Eric Marvets in The Security Samurai

...Developers Group on Thursday, June 21, 2007 . Its a similar presentation to the one Ive done for a number of user groups in the Southeast. I made this presentation as a response to the flood of online code snippets for encrypting data. While they are all fairly easy to use, they dont explain what they do and often developers think their data...

Tags: encryption, presentation, level encryption basics, similar presentation, net developers, developers, symmetric, symmetric algorithm, symmetric encryption

Who Benefits from Log Standards? Part II - Application Developers

2007-12-04 17:28:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...developers whose products generate logs ] will be able to decrease cost associated with logging and reuse log libraries. Vendors could move away from encouraging developers from picking log messages on a closest-fit basis from a limited, product-specific message index. Furthermore, the generation of these log messages could be bases on a...

Tags: application software vendors, software vendors, log standards, standards, vendors, log management vendors, log management, developers, log management people

DNS patches cause problems, developers admit

2008-07-29 13:00:00 by Editor in Computerworld Security News

Developers acknowledged that there were problems with the July 8 fix that was rolled out as part of a multivendor update to patch a cache poisoning flaw discovered months before

Tags: developers, fix, flaw, july, multivendor, patch, cache, months

Proxy Caches are a Challenging Threat to Internet Security

2008-10-05 10:41:52 by Tim Bass in The Complex Event Processing Blog

...developers have no control over proxy caches in the Internet. However, developers do have control of the code they write and their admin teams have configuration control of their web servers. Developers must assume the worst case Internet scenario with aggressive Internet cache management policies that serve cached data for economic and...

Tags: proxy caches, security, web developers, developers, internet, application developers, security flaws similar, session management code, code

Web 2.0 Security - The Beginning of the End or The End of the Beginning

2008-05-29 15:26:12 by Gunnar Peterson in 1 Raindrop

...developers, I always ask how many are familiar with OWASP. Less than 20% are in my experience, and of those percentage most only know the OWASP Top Ten. If you have not read the guide and understood the concepts, it is really hard for me to see how your app is going to have anything more than cardboard walls level of security. Sadly, a lot...

Tags: people, software security people, software security, software security team, security, security people, web, security support, architecture

Building secure application

2008-10-02 06:35:44 by RaviC in Musings on Information Security

Developers have the objective of building a functional application. They are focused on building more functionality into applications. Moreover, building security creates more workload for Developers which is a disincentive and moreover, Developers are rewarded for building more functionality than building more security. I have never seen a...

Tags: application, secure application, functional application, secure application inside, access application data, penetration, whitebox style penetration, developers, hackers traverse outside-in

Security Evolution

2008-05-19 17:42:16 by Gunnar Peterson in 1 Raindrop

...developers invented CGI/PERL for more dynamic sites. Once they wanted to scale and pool they built out ASP and JSP, then to deliver middle tier components they developed EJB, J2EE, and DCOM. After that there were a lot of heterogeneous systems that needed to talk to each other so SOAP and XML came along to address that. This path diverged...

Tags: security, information security, faith based security, security issues asp, asp, security issues, security architecture, ws-security, security architectures

Sexy Development Lifecycle

2008-01-30 01:37:00 by sdl in The Security Development Lifecycle

...developers how to write their code correctly in the first place so that the pentesters dont have any vulnerabilities to find. But, as a general rule, developers dont really attend hacker cons. They attend developer cons. There are of course exceptions to this rule, but ask yourself honestly: How many people do you suppose really go to DEFCON...

Tags: developer security, developer security issues, security issues, developer, love developer cons, security, attend developer cons, developer cons, sdl

No Privacy on Facebook/MySpace

2008-06-12 16:07:52 by Editor in IT Security - The IT Security Industry's Web Resource

...developers are allowed to see. MySpace, the largest social network, with 110 million members, said developers can see users public details name, profile picture and friend lists when they download a program. When a user installs one on Facebook, which has 70 million members, the developer can see everything in a profile except contact...

Tags: facebook, details, personal details, data, share data, facebook profile, glean details, profile, users public details

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo