Security Index

Security Solutions and Security Resources

The following is an extensive library of security solutions articles and guides that are meant to be helpful and informative resources on a range of security solutions topics, from Web application security to information and network security solutions to mobile and Internet security solutions.

Serious About Security
Veracode commits extensive resources to the design, implementation, monitoring and maintenance of our security infrastructure.

Source Code Analysis
For enterprises seeking a source code analysis solution that can actually deliver 100 percent coverage even when source code is not available, Veracode has the answer.

Software Code Security
The key to achieving superior software code security is to find a solution that can review large amounts of code as needed, in order to meet development timelines.

SQL Injection
SQL Injection is a type of web application security vulnerability in which an attacker is able to submit a database SQL command which is executed by a web application, exposing the back-end database.

Cross-site Scripting
XSS vulnerabilities target scripts embedded in a page which are executed on the client-side (in the user’s web browser) rather than on the server-side.

Cross-site Request Forgery
Cross-Site Request Forgery (CSRF) is a malicious attack that tricks the user’s Web browser into performing undesired actions so that they appear as if an authorized user is performing those actions.

LDAP Injection
LDAP injection is the technique of exploiting web applications that use client-supplied data in LDAP statements without first stripping potentially harmful characters from the request.

CRLF injection refers to the special character elements "Carriage Return" and "Line Feed". Exploits occur when an attacker is able to inject a CRLF sequence into an HTTP stream.

Mobile Security
There are two main categories of mobile code security risks: Malicious Functionality and Vulnerabilities. Malicious Functionality is a list of unwanted and dangerous mobile code behaviors that are stealthily placed in a Trojan app that the user is tricked into installing. Vulnerabilities are errors in design or implementation that expose the mobile device data to interception and retrieval by attackers.

Code Review Tools
Code review is an examination of computer source code. A Code Review Tool finds and fixes mistakes introduced into an application in the development phase, improving both the overall quality of software and the developers' skills.

Web Security
Website security protects your data and your users.

Vulnerability Assessment
Veracode's vulnerability assessment tools help users eradicate vulnerabilities.

Cyber Security
Many companies and countries understand that cyber threat is one of the most serious economic security challenges they face and that their economic prosperity depends on cyber security.

Malicious Code Analysis Tools are designed to uncover any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system.

Internet Security is critical for online applications because the Web and Internet applications must be available 24 hours a day, 7 days a week.

Dynamic Analysis is the testing and evaluation of a program by executing data in real-time and is key to application security.

Software Security
By testing for flaws in software, security testing solutions seek to remove vulnerabilities before software is purchased or deployed — and before the flaws can be exploited.

Penetration Testing
Penetration Testing tools are used as part of a penetration test to automate certain tasks, improve testing efficiency, and discover issues that might be difficult to find using manual analysis techniques alone.

Static Code Analysis
Static code analysis, also commonly called "white-box" testing, looks at applications in a non-runtime environment. This method of security testing has distinct advantages in that it can evaluate both web and non-web applications and, through advanced modeling, can detect flaws in the software’s inputs and outputs that cannot be seen through dynamic web scanning alone.

Vulnerability Scanning
Vulnerability scanning offers a way to find application backdoors, malicious code, and other threats that may exist in purchased software or applications developed internally.

Web Application Security
Web application testing is critical to enterprise security. Because web applications must be available 24/7 and offer data access to customers, employees, suppliers, and others, they are frequently the weak link in enterprise security.

Flash Security
Flash has a long record of critical security updates aimed at patching Flash vulnerabilities and Flash malware, but these issues continue to surface as more Flash security issues are discovered.

Source Code Security Analyzer
Source Code Security Analyzers perform both dynamic (automated penetration test) and static (automated code review) code analysis and find security vulnerabilities that include malicious code as well as the absence of functionality that may lead to security breaches.

Software Testing Tools
As the enterprise network has become more secure, attackers have turned their attention to the application layer, which, according to Gartner, now contains 90 percent of all vulnerabilities. To protect the enterprise, security administrators must perform detailed software testing and code analysis when developing or buying software.

Binary Analysis is a new approach for application security testing and is revolutionizing software security. Binary code analysis scans compiled or "byte" code instead of source code, so enterprises can test comprehensively and more accurately.

Application Testing Tool
Application testing is an important part of securing your enterprise. By identifying vulnerabilities in software before it is deployed or purchased, Web application testing tools help ward off threats and the negative impact they can have on competitiveness and profits.

Static Analysis
Static analysis is the analysis of computer software that is performed without actually executing, or running, that software. Static analysis tools look at applications in a non-runtime environment. This method of testing has distinct advantages in that it can evaluate both web and non-web applications and, through advanced modeling, can detect flaws in the software’s inputs and outputs that cannot be seen through dynamic web scanning alone.

Insecure Cryptographic Storage
Insecure Cryptographic Storage is a common vulnerability that occurs when sensitive data is not stored securely from internal users.

Application Vulnerability
Applications are the weak link in your data protection strategy. Don't allow attackers to gain access to confidential information through vulnerabilities in your applications.

Data Security Resources
Data Breach Survival Guide
Ultimate Data Security Guide
Guide to Data Loss Prevention

Veracode Security Alternatives
HP Fortify
Whitehat Security
IBM Rational AppScan