Skip to main content
January 4, 2007

Welcome to "Zero in a Bit"

Zero in a Bit is a blog about software security. We believe the root cause of most of the security problems today is insecure software. The internet is a global neighborhood where every digital miscreant is your next door neighbor. Far too often, software is the broken window allowing criminals access to the data and transactions organization need to protect.

Zero in a Bit is laser focused on software security. If we talk about vulnerabilities in the internet infrastructure we won’t be dissecting routing protocols, we will be analyzing integer overflows in routing software. When we speak of identity theft it won’t be about stolen backup tapes it will be about SQL injection or cross-site scripting in web applications that hold private data. There is often no process or additional layer that can be wrapped around insecure software to solve these security problems. We think you need to find the flaws in the software and fix them -- hopefully before the software gets deployed.

Topics we will cover include:

  • Software security testing and analysis
  • Software security metrics
  • The taxonomy of software vulnerabilities
  • Disclosing vulnerabilities
  • Zero day vulnerabilities
  • Malicious software and backdoors

Written by:

Related Content

Chris Wysopal, co-founder and CTO of Veracode, is recognized as an expert and a well-known speaker in the information security field. He has given keynotes at computer security events and has testified on Capitol Hill on the subjects of government computer security and how vulnerabilities are discovered in software. His opinions on Internet security are highly sought after and most major print and media outlets have featured stories on Mr. Wysopal and his work. At Veracode, Mr. Wysopal is responsible for the security analysis capabilities of Veracode technology.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.