Index

S

Safeguards, architectural risk analysis [See also Mitigation strategies.]
Safety property violations
SATAN
SBI386 2nd
SD West
SDL (Secure Development Lifecycle) 2nd
SDLC (Software Development Lifecycle)
Secure Development Lifecycle (SDL) 2nd
Secure Software
SecureUML
Security
    built-in versus bolted on
    defending the perimeter, does not work
    versus software
Security Band-Aid
Security engineering, rise of
Security Features vulnerability kingdom 2nd
Security operations
    constructive/destructive nature
    description
    flyover
    inter-group cooperation. [See Software developers and information security practitioners.]
Security professionals
    abuse case development
    and software developers. [See Software developers and information security practitioners.]
    inter-group communication barriers
    origin of
    risk-based security testing
    team building
Security requirements
    constructive/destructive nature
    description
    flyover
    recommended reading
Security testing. [See Risk-based security testing.]
Security tracker
Setting Manipulation phylum
Seven kingdoms. [See Taxonomy of coding errors, kingdoms.]
Signal Handling Race Conditions phylum
SLA (service level agreement) 2nd
SLAM tool
Smart card, example
Smurfware exercise
SOA (Service Oriented Architecture) 2nd 3rd 4th
SOAP protocol
Sockets phylum
Software
    artifacts. [See Artifacts.]
    process and religion
    testing. [See Penetration testing; Risk-based security testing.]
    vulnerability, cause of problems
Software architect catfights
Software developers and information security practitioners
    abuse cases
    architectural risk analysis
    business risk analysis
    code review 2nd
    deployment and operations
    example
    information security as Boogey man
    inter-group communication barriers
    inter-group cooperation
    penetration testing
    security testing
    "ugly baby" problem
Software security
    academic courses in
    and operations
    best practices. [See Touchpoints.]
    definition 2nd
    enterprise-wide. [See Enterprise software security.]
    multidisciplinary effort
    people
    pillars of 2nd
    potential research areas
    responsibility for
    team building 2nd
    three pillars 2nd
    unique qualities of
    versus application security
    versus software safety
Software Security Manager
Software security people
Software security touchpoints 2nd
Source code
    analysis, tutorial
    analyzers, commercial vendors [See also Fortify Source Code Analysis Suite.]
    lines of
        major operating systems
        normalizing
        relation to vulnerabilities
        Windows
    reviewing. [See Code review, tools.]
    scanners 2nd
Specification checking
Splint tool
SQL injection
SQL Injection phylum
Standards-based architectural risk analysis
Static code analysis
    example
    history
STRIDE 2nd 3rd 4th
    related to attack resistance analysis
String Manipulation phylum
String Termination Error phylum
Struts phylum
Synthesizing and ranking risks, RMF 2nd
System Information Leak phylum
System testing
System.exit() phylum