Ounce in the News

Group devises list of most essential security skills for Java programmers: SANS-led group sets parameters for basic competence

November 15, 2007 Computer World

Summary
Many analysts consider web application vulnerabilities one of the biggest security threats facing companies these days, but don’t necessarily have the capacity to pay attention to reducing the weaknesses in the applications they write. In order to address the problem in the Java programming field, the Maryland-based SANS Institute pulled together a group of security managers from various organizations, including Ounce Labs, to create a document that would become a formal security blueprint for Java programming in early 2008. Based on the idea of getting developers to focus on common vulnerabilities inside Java and their manifestation in source code, the document lists essential skills in the following fields for application security.

Read full article at Computer World.

Find out more about Web application vulnerabilities.