News (73)

Patched Oracle database 'still vulnerable'

The latest update for Oracle 10g Release 2 does not plug a hole that allows published attack code to run, according to a security researcher. Read more »

Oracle attack code out

Code is in the wild for one of the holes patched by the database firm on tuesday. Read more »

Software should defend itself: Oracle CSO

Applications will have to defend themselves from attack in the future, according to Oracle's chief security officer Mary Ann Davidson. Read more »

Security guru wants access to bug databases

Security expert Ross Anderson has called for empirical research to be conducted into whether open source or closed source software is more secure, and into the impact that development practices such as extreme programming (XP) have on code quality. Read more »

Study: Few bugs in MySQL database

A source-code analysis of the MySQL database, a popular open-source program at the heart of many Web sites, revealed few bugs compared with the number found in commercial code, testing company Coverity said Friday. Read more »

Oracle to be more selective in patch development

Oracle plans to stop automatically producing security patches for all systems its software runs on, instead creating fixes for uncommon combinations on request, the company said on Tuesday. Read more »

Microsoft may offer peek at SQL Server code

Will the software industry's wave of open-source databases spill onto Microsoft's turf? Read more »

Expert: Hold developers liable for flaws

Software developers should be held personally accountable for the security of the code they write, said Howard Schmidt, a former White House cybersecurity adviser. Read more »

Microsoft to release more source code?

Microsoft is considering the release of source code for a popular tool used to build Windows programs. Read more »

IBM tunes up for Jazz open-source project

IBM is working on an open-source project called Jazz to promote programming tools for globally distributed teams. Read more »

More Code, Database, Security News Results

Features (170)

Security through obscurity won't secure your code

Most applications use some form of security through obscurity, but you should avoid it when writing your apps. ZDNet Australia offers these tips on how to tighten up your code. Read more »

Make managed code work with .NET's CAS

Developers and administrators can set permission and trust levels with code access security (CAS), while allowing the code to execute effectively. Read more »

Comprehend the SAP Authorisation concept with these code samples

Whether you're a developer, a consultant, or the user of a SAP system, you'll eventually come across issues related to authorisation. This article provides some handy code samples to help you get acquainted with authorisation in SAP. Read more »

CGI wrappers for Apache-based apps can boost security

CGI scripts represent a big potential security risk in Web development, but using CGI wrappers can help insulate your servers from attack. Here's an outline of how to create CGI wrappers to protect an Apache Web server. Read more »

Develop applications that prevent intrusion

Designing secure applications requires developers to look beyond their own code. Accessing APIs or COM objects or establishing system privileges can result in security vulnerabilities that can be prevented. Read more »

Diagnose SQL Server performance problems

Usually, the hardest part of database tuning is finding the code bottlenecks. SQL Profiler's traces can help you locate your sluggish code. Read more »

Diagnose SQL Server performance problems

Usually, the hardest part of database tuning is finding the slow part. SQL Profiler's traces can help you find your sluggish code. Read more »

Web application security frameworks (WASF), Part 2: Database lookup

Often, you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. Continuing our series on Web app security, we explore the database lookup framework. Read more »

Secure SQL Server: Installing for security

Securing SQL Server is vital to the design of any database system. Learn how to install SQL securely, protect data, and ensure its validity. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

More Code, Database, Security Features Results

Blog (4)

Google destroys Security Through Obscurity

Chris Duckett [blogs:betaliving] -- Google Labs' new Code Search makes it easier for hackers to find database username and password details by entering strings that are commonly used within configuration files. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

Lets Shindig!

Lana Kovacevic [blogs:webanatomy] -- At this year's Google Developer Day in Sydney, Dan Peterson and John Hjelmstad talked about Apache Shindig, an open source implementation of OpenSocial and gadgets. Read more »

Is public domain software open-source?

Staff [blogs:syslog] -- When writing earlier this week about Adobe's sponsoring of the SQLite project, I ran into a complicated issue: is software released into the public domain also open-source software? Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

What's on?