Channel: SPEC INDIA » Security
Browsing latest articles
Browse All 10 View Live

SQL Injection

SQL injection is the insertion, or “injection,” of SQL queries and commands into input data, which can cause any number of insecure behaviors and user privacy violations. Many e-commerce applications use...




Software Characterization

The first step required in analyzing any software, whether new or existing, for risk is to achieve a full understanding of what the software is and how it works. For architectural risk analysis, this...


What are Client-side web attacks?

Web attacks can take place on the user’s end, in which case they are called client-side attacks. Client-side web attacks include the following: malicious HTML tags in web requests; malicious code in a...


Risk Management and Security Testing

Software security practitioners perform many different tasks to manage software security risks, such as: creating security abuse/misuse cases; listing normative security requirements (and security...


Why should one Perform Code Maintenance?

Although many people don’t consider code maintenance to be design work, our experience is that the way maintenance is carried out can make or break the security of a design. Similar to retrofitting...



Network Hubs, Switches and Ethernet sniffers

Ethernet sniffers are one of the most powerful tools in your network security arsenal. However, in the wrong hands they can be one of the biggest threats to the security of your network. It may be an...


A prototypical risk analysis

A majority of risk analysis process descriptions emphasize that risk identification, ranking, and mitigation is a continuous process and not simply a single step to be completed at one stage of the...


What Is Encryption?

Encryption (sometimes called enciphering) transforms original information, called plaintext or cleartext, into transformed information, called ciphertext, codetext, or simply cipher, which usually has...



Risk Management and Security Testing

Software security is about making software behave in the presence of a malicious attack even though, in the real world, software failures usually happen spontaneously, that is, without intentional...



What are cross site scripting attacks?

Cross-site scripting (XSS) bugs are a form of security defect unique to web-based applications that allow user data tied to the vulnerable web server’s domain, usually held in cookies, to be disclosed...




