News (247)

Microsoft gives coders a bug finder

Web developers in need of another set of eyes to check their code for security holes should soon be able to add an application scanner to Microsoft's Visual Studio .Net. Read more »

Linux guru argues against security liability

Alan Cox, one of the leading Linux kernel developers, has told a House of Lords hearing that neither open- nor closed-source developers should be liable for the security of the code they write. Read more »

Software should defend itself: Oracle CSO

Applications will have to defend themselves from attack in the future, according to Oracle's chief security officer Mary Ann Davidson. Read more »

Security experts warn of potential malicious AIR code

On Monday, Adobe Systems rolled out its new Web 2.0 development tool, Adobe Integrated Runtime, or AIR. Following its release were some concerns from the security community. Read more »

Exploit code released for Adobe Photoshop flaw

Exploit code that could take advantage of a "highly critical" security flaw in the most recent versions of Adobe Photoshop has been published, a security researcher reported this week. Read more »

Core Security finds critical Adobe Reader hole

A critical security hole in Adobe Reader could allow an attacker to take control of a computer, according to Core Security Technologies. Read more »

Microsoft criticises third party code for Windows crashes

Microsoft has laid the blame for half of all Windows crashes on third-party code. Read more »

Attack code raises Windows DNS zero-day risk

The public release of computer code that exploits a yet-to-be-patched Windows security hole increases the possibility of widespread attacks, security experts have warned. Read more »

Danger level rises for Perl flaws

A type of security flaw in Perl applications that experts thought could lead only to a denial-of-service attack is now believed to be much more serious. Read more »

Microsoft pretties Office for business apps

Office Business Applications is meant to encourage third-party application providers to write code that will integrate closely with Microsoft Office applications. Read more »

Features (325)

Develop applications that prevent intrusion

Designing secure applications requires developers to look beyond their own code. Accessing APIs or COM objects or establishing system privileges can result in security vulnerabilities that can be prevented. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Windows Application Verifier can help you build better code

If you're building an application, it's likely that you'll want it to play nice with Windows. Microsoft's Windows Application Verifier can ensure that your application will work with current and future versions of Windows. Read more »

How to build secure ASP.NET applications

ASP.NET provides several ways to protect your Web-based app from attack. Here's an overview of authentication, authorisation, and role-based security. Read more »

Web application security frameworks (WASF), Part 2: Database lookup

Often, you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. Continuing our series on Web app security, we explore the database lookup framework. Read more »

Web application security frameworks (WASF), Part 1: Introduction

Often you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. This first article in the series introduces you to the three most often used methods. Read more »

Ask Chuck: ASP.NET best security practices

What best practices should you follow for an ASP.NET application? Our resident .NET expert Charles Sterling offers this quick tip. Read more »

Follow these steps to secure your data layer

A secure data layer is essential for a truly secure application. Learn how to nurture a secure environment for the pivotal Data tier of your application with the correct tools. Read more »

Simplify data caching with the .NET Caching Application Block

The Caching Application Block can save time and resources by caching Web services data for your distributed apps. It also offers a system for data security, expiration and scavenging, and a variety of storage options. See what the CAB has to offer. Read more »

Security through obscurity won't secure your code

Most applications use some form of security through obscurity, but you should avoid it when writing your apps. ZDNet Australia offers these tips on how to tighten up your code. Read more »

Blog (13)

AJAX applications and security

Lana Kovacevic [blogs:webanatomy] -- Douglas Crockford, the creator of JSON, gave a talk entitled "AJAX Security" at the recent Web Directions South conference. In this talk, Crockford discussed some of the security concerns with AJAX applications and what can be done to address them. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

Nokia starts trolling

Staff [blogs:syslog] -- This week Builder AU is on the road at linux.conf.au 2008 in Melbourne -- but before we get into all that is happening here, there is the small matter of Trolltech. Read more »

5 reasons restricting hacking is not like gun control

Nick Gibson [blogs:byteclub] -- Let's get it out of the way: Guns don't kill people, people with guns kill people. People with hacking tools can steal your personal data, shut down your system and deface your web site -- but is that any reason to ban them? Read more »

Application Threat Modeling v2

[blogs:] -- Threat Modeling has become one of the most important ways to increase the security of your application development projects. It allows you to understand the threats you will face, and implement countermeasures in a consistent, reliable way. If you only do one thing to improve your development processes, Threat Modeling should be it. Now with the new ACE Threat Modeling methodology and tools, it's easy to do as well! Read more »

Google to allow third party code in Gmail?

Brendon Chase [blogs:codemonkeybusiness] -- According to executives from the company, Google are preparing to open Gmail to developers outside the Googleplex labs. Read more »

Azure: A matter of trust

Brendon Chase [blogs:codemonkeybusiness] -- Ray Ozzie hit the nail on the head when he said Azure's success will hinge on trust. Who outside (and inside) the core circle of ISV trust Microsoft? Read more »

Firefox 3 add-ons to make you a better Web developer

Brendon Chase [blogs:codemonkeybusiness] -- Firefox might be a fast browser but its extensions can transform it into a powerful development tool for Web developers and designers. Here are 10 of the best to get you started. Read more »

Are your Web apps ready for the next-gen browser war?

Brendon Chase [blogs:codemonkeybusiness] -- Webkit, Firefox, and Internet Explorer are all scheduled to update their browsers in 2008. Are you ready for Web dev test fest 08? Read more »

The Portal of the Future

Lana Kovacevic [blogs:webanatomy] -- At this year's Gartner Application Development, Integration and Web Services Summit, I attended Gene Phifer's talk: "Portal of the Future: What's Beyond Web 2.0?". Read more »


  • Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weaves in Senate Question Time. Read more »

    -- posted by Staff

  • Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun, the company has pushed out a new release of its Netbeans open source IDE with an eye to appeal more to Web developers. Read more »

    -- posted by Brendon Chase

  • BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay
