Software Security

Software Security

About

Security regroups many subject area.

The most known are:

Identity management with:
- authentication (user/password) and its method (ldap, table, …)
- authorization (group, privileges and role, object and information access)
Crypto with:
Code:
- output encoding
- …
Application - Prevention
- Data Mining - Intrusion detection systems (IDS) / Intrusion Prevention / Misuse
- Network - Firewall

Provide mechanism rather than policy. In particular, place user interface policy in the clients hands

Illustrations

The most effective picture to explain software security.

Everything I try to teach my freshman about security, in one photo:

Data Lost

Data Lost or downtime. http://www.emc.com/microsites/emc-global-data-protection-index/index.htm

First Rule

Don't hire assholes

Security / Privacy

En Twitter

Security and bug

The security industry is largely obsessed by finding (and selling / using / patching / reporting / showcasing / stockpiling / detecting / stealing) these “dangerous/useful” variety of bugs. And this obsession is continually fulfilled because bugs keep happening – which is just the nature of software development –
…………

Jason A. Donenfeld. See replied from Linus Torvalds (Tue, 21 Nov 2017) - [GIT PULL] usercopy whitelisting for v4.15-rc1

Documentation / Reference

Recommended Pages

Data Mining - Intrusion detection systems (IDS) / Intrusion Prevention / Misuse

Data Mining - Intrusion detection systems (IDS) / Intrusion Prevention / Misuse About Classical security mechanisms, i.e. authentication and encryption, and infrastructure components like firewalls "...

Application - Prevention

Prevention is better than cure. Mikko Hypponen Articles Related Example Security Within security matter, no cure exist. If an attacker has c "...

Authentication - Identity and Access Management Services (IAM)

Identity and Access Management is a component of software security that manages the following functionalities: Identification: Who are you? authentication: Prove it. authorization: Here is what you "...

Data Warehousing - 34 Kimball Subsytems

This page takes back the Kimball Datawarehouse 34 Subsystem as a table of content and links them to a page on this we "...

Java - Container

A container is a logical part of a J2EE Server which contains java components Before any component can be executed, it must be assembled. The assembly process involves per logical container: the con "...

Security Testing Software

In order to assess the security of an application, security testing software are used and may acts as: workload generator forward proxy

Web - Browser

A browser is a user agent. Components The figure shows some of the components you will find in a browser. To the left, there is the user interface. The browser needs a rendering engine to display pag "...

Web - Security

in a Web app By Technology Email Dmarc By Attack Cross-site Scripting ... Tools s-rah/onionscanonionscan Burp Burp Suite (Java based) Burp Suite "...

Share this page:

Software Security

Table of Contents

About

Illustrations

Data Lost

First Rule

Security / Privacy

Security and bug

Documentation / Reference

Recommended Pages

Data Mining - Intrusion detection systems (IDS) / Intrusion Prevention / Misuse

Application - Prevention

Authentication - Identity and Access Management Services (IAM)

Data Warehousing - 34 Kimball Subsytems

Java - Container

Security Testing Software

Web - Browser

Web - Security