Many companies are under the impression that testing for Web application security simply involves a cursory check for easy-to-guess usernames and passwords. Yet application security testing can and should involve more complex checks such as testing for SQL injection and Cross-Site Scripting. Often this sort of review does not happen until the Web application...
Ajax programming is one of the most exciting new technologies in recent history. Ajax (Asynchronous JavaScript and XML) allows a web page to refresh a small portion of its data from a web server rather than being forced to reload and redraw the entire page, as in traditional web programming. Since they can make frequent small updates, web applications...
Over the past several years, I have heard people asking the question: should I use vulnerability analysis tools to assess my web-based applications, or should I look to penetration testing? I think we as an industry may be asking the wrong question. First, let's look at how the web application industry has grown over the years and how penetration...
As with many other business analysis issues, there are three sides to the story when looking at Web application security testing: yours, the findings of your vulnerability assessment, and the truth. Whether you're using a commercial or open source scanner, you're undoubtedly going to glean a lot of information and come across vulnerabilities. The problem...
Putting the Cart After the Horse: Project Planning and Scope Definition. In today's fast-paced business world, proper project planning can often take a backseat to other objectives. Employees are asked to leap into the project before the scope or Work Breakdown Structure is even defined. Does this scenario sound familiar? Your frazzled boss comes running...
Secrets of Successful Software Requirements. Although most companies do some form of requirements, there is often a lack of understanding as to exactly why the requirements need to be created and the level of detail that should be included in the requirements. Software is always created to solve a need for a client. The client may be an internal client...