Resources: White Paper (RSS)

Showing Resources: 110 of 15

The Path to a Secure Application

A Source Code Security Review Checklist

Secure at the Source

Implementing Source Code Vulnerability Testing in the SDLC

Trust, but Verify

How to Manage Risk in Outsourced Applications

The Right Tool for the Right Job

An Application Security Tools Report Card

Two Security Vulnerabilities in the Spring Framework's MVC

Recently, members of the Ounce Labs’ Advanced Research Team (ART) discovered and exploited two vulnerabilities in the commonly used Spring Framework’s MVC (Model View Controller). These vulnerabilities allow attackers to subvert the expected application logic and behavior, potentially gaining control of the application itself, and access to any data, credentials or keys held in the application.

Meeting the PCI Application Security Requirements: Building Compliance In

A discussion of the PCI Data Security Standard and its focus on the importance of securing applications.

Knowledge is Power

Your software is trying to tell you something. If you listen carefully, you will gain knowledge about potential risks to your business. And knowledge is power.

Software Security Governance in the Development Lifecycle

A Practical Guide from Accenture and Ounce Labs

Securing the Public Sector: The need for secure software for government agencies

The need for secure software for government agencies

Security that Counts: The need for secure software for financial services providers

The need for secure software for financial services providers