. . .Veracode’s approach is a cool spin on existing security technology, according to Gartner analyst John Pescatore.

– CSO Magazine, 2007
Application Security Resources

The latest from Veracode

We invite you to visit our resource section frequently as we update it with links to reports, podcasts, webcasts, white papers and research.

Whitepapers



Guide to Software Risk Assessments

This whitepaper outlines how new application security technologies enable organizations to meet the growing threat posed by software, and provides risk management best practices that enterprises can use to secure their application inventory.

 
PCI Guide for Merchants and Service Providers

This whitepaper helps Merchants and Service Providers understand and meet PCI DSS requirements.

 
Five Steps to Secure Outsourced Application Development

Download the guide, "Five Steps to Secure Outsourced Application Development", and learn how independent verification and validation of offshore software, delivered through an on-demand service, can automate security acceptance testing and secure your enterprise.

 
Anti-Debugging – A Developers View

Anti-debugging is the implementation of one or more techniques within computer code that hinder attempts at reverse engineering or debugging a target binary. In this paper we present a number of the known anti-debugging methods in a fashion that is easy for a developer of moderate expertise to implement. We include source code, whenever possible, with a line-by-line explanation of how each anti-debugging technique operates. The goal of the paper is to educate development teams on anti-debugging methods and to ease the burden of implementation.

 
Anti-Debugging – A Developers View - Source Code Examples

Source code and real-world examples to illustrate the points made in the whitepaper: Anti-Debugging – A Developers View.

 
Protecting Your Organization from Application Backdoors

Backdoors and malicious code pose an operational risk to software that is too significant for organizations to ignore. This whitepaper discusses how binary (compiled code) analysis is the ideal platform for detecting backdoors and conducting the most complete independent security test, validation and verification of applications.

 
Automating Code Reviews

On-demand application security testing offered as an outsourced service, based on binary analysis and multiple scanning technologies, is a major step toward reducing risk in applications developed in-house as well as applications purchased from third-party vendors. Learn how moving to a SaaS model for application security can automate your code reviews.

 
PCI Guide for Payment Vendors

This whitepaper explains how Payment Vendors can meet Visa PABP requirements and prepare for PCI PA-DSS compliance.

 
Understanding NIST 800-37 FISMA Requirements

As part of its FISMA responsibility to develop standards and guidance for federal agencies, NIST created Special Publication (SP) 800-37 “Guide for the Security Certification and Accreditation of Federal Information Systems.” This whitepaper helps readers understand the relationship between NIST 800-37, FISMA and application security testing.

 
Understanding SaaS Security Questions

Learn what security questions you should be asking SaaS providers and how Veracode addresses these core requirements.

 
A New Taxonomy for Application Backdoors

This technical whitepaper describes a new way to classify backdoor vulnerabilities in applications and discusses static detection of backdoors.