“Avoiding the Top Ten Software Security Design Flaws”
By Iván Arce et al.
The IEEE Center for Secure Design, August 2014
Part of the IEEE’s Cybersecurity Initiative, this handbook features some of the leaders in academia and industry identifying the most common areas of vulnerability for software in an effort to promote stronger, more resilient systems.
The authors point out that a great deal of effort in information security is devoted to finding implementation bugs, rather than recognizing and correcting fundamental flaws in design. The 10 sections address topics such as user authentication, the separation between code and data, comprehensive data validation, and the proper use of cryptography, providing tips and describing best practices. For the full article click here
from cyber security caucus http://ift.tt/1KzdCay
via IFTTT
No comments:
Post a Comment