qasec.com
QASEC.com - Setting the appropriate security defect handling expectations in development and QA
http://www.qasec.com/2009/06/setting-the-appropriate-security-defect-handling-expectations-in-development-and-qa.html
QASec.com - Software Security Testing in Quality Assurance and Development. Setting the appropriate security defect handling expectations in development and QA. Bug severity and prioritization. Core product functionality fails to operate as expected. The product becomes unreliable or unstable in common use cases. Sensitive company or customer...
qasec.com
QASEC.com - Identifying Risks in the Development Cycle
http://www.qasec.com/2006/10/identifying-risks-in-the-development-cycle.html
Identifying Risks in the Development Cycle. Actions shall be performed with the lowest privileges possible. Files and Registry Keys shall contain permissions restricting access except to those users that explicitly need it. Carefully reviewing your product's functional...
qasec.com
QASEC.com - About
http://www.qasec.com/about.html
Welcome to QASec.com! I've founded the Web Security News Portal CGISecurity.com and The Web Application Security Consortium.
qasec.com
QASEC.com - Using Fuzzers in Software Testing
http://www.qasec.com/2007/02/using-fuzzers-in-software-testing.html
Using Fuzzers in Software Testing. A short blurb on. The security industry has been using Fuzzers to identify security vulnerabilities in popular products for years. This immediately tells us two things. 2) Fuzzers can yield results. Common Input and Output Locations.
aurorareport.blogspot.com
Aurora Report: Phone Blogging
http://aurorareport.blogspot.com/2010/03/phone-blogging.html
The problem is what you don't know is what you don't know and what you heard me say is not what I said. Saturday, March 13, 2010. I am watching the Red Wings and the Sabres skate to a 2-2 stalemate. So I have been multi-tasking, pondering opportunities gained and those lost and decided to catch up on some of my blog reading. Reading other people's blogs always makes me want to post to my own blog. One day at a time I guess. Go Mom Go! BTW Red Wings win in OT 3-2, a good end to a nice day. Darknet - The Darkside.
itblog.adrian.citu.name
Eclipse BIRT | Adventures in the programming jungle
https://itblog.adrian.citu.name/category/eclipse-birt
Adventures in the programming jungle. How to use an external JavaScript file in a BIRT report. 28 July, 2015. In a recent assignment I had to write some custom JavaScript code to treat some table cells from an Eclipse BIRT. This ticket explains the setting of an external JavaScript file in a BIRT report. Define the resources folder for your BIRT project. Add the external JavaScript file(s) to the BIRT report. “CustomFunctions.js”. Was added an external JavaScript file). Update the BIRT web viewer.
joginipally.blogspot.com
Gopal's Blog: May 2008
http://joginipally.blogspot.com/2008_05_01_archive.html
Good security testing requires going beyond what is expected and thinking like an attacker who is trying to break the application. "There is no 'patch' for stupidity". Tuesday, May 6, 2008. Fundamentals of WCF Security (Part One). Standards-based interoperability needs to be taken into account for communication across heterogeneous systems. Security is critical for applications, but often complicated to implement. Support for cross-vendor interoperability, includi...
joginipally.blogspot.com
Gopal's Blog: September 2007
http://joginipally.blogspot.com/2007_09_01_archive.html
Friday, September 21, 2007. An Overview of SQL Injection. In detail, with a few examples: The simplest SQL injection technique is bypassing login forms. See the following web application code used in a login form: Query = "SELECT Uname FROM Users WHERE Uname = ‘" and txtUsername and "‘ AND Pwd = ‘" and txtPassword and "‘...By the above lo...
joginipally.blogspot.com
Gopal's Blog: July 2008
http://joginipally.blogspot.com/2008_07_01_archive.html
Friday, July 25, 2008. Disabling Unnecessary Services: Part One. Disabling unnecessary and potentially dangerous services: Note: If any of the services is disabled, then any services that explicitly depend on it will fail to start. Svchost.exe -k LocalService. Components depend on this: Application Layer Gateway Service. Enable (Manual) if...