Index

Password in Configuration File phylum 2nd
Password Management phylum
Passwords
  Empty Password in Configuration File
  Hard-Coded Passwords
  Password in Configuration File 2nd
  Password Management
Path Manipulation phylum
Path Traversal phylum
Penetration testing and risk-based security testing
  application
  benefits of
  by reformed hackers
  constructive/destructive nature
  current practices
  description
  examples 2nd
  feedback from
  flyover
  improved practices
  iterative testing
  last check, not first check
  limitations of
  mitigation strategies
  "pretend security" solutions
  repeatable results
  results interpretation
  software developers and information security practitioners
  testing for negatives
  tools for
    APISPY32
    attackers
    breakpoint setters
    CANVAS
    Cenzic
    control flow
    coverage
    decompilers
    disassemblers
    fault injection
    Hailstorm
    Holodeck
    monitors
    rootkits
    shell code
  value of 2nd
People in the security process. [See Security professionals.]
Perimeter defense
Personnel. [See Security professionals.]
Phyla. [See Taxonomy of coding errors, phyla.]
Pillars of software security 2nd
Pitfalls to software security
PLOVER (Preliminary List of Vulnerability Examples for Researchers)
Prescriptive knowledge
"Pretend security" solution
Principles, knowledge catalog 2nd 3rd
Privacy Violation phylum
Private Array-Type Field ... phylum
Privilege Management phylum
Problems. [See Bugs; Causes of problems; Defects; Flaws.]
Process agnostic best practice 2nd 3rd
Process Control phylum
Public Data Assigned ... phylum