From: Yasutaka Ito (GrapeCity India) (yasutakagrapecity.com)
Date: Fri Jan 11 2002 - 23:47:36 CST

    Hi everyone,

    When we talk about security, I think (as a layman) there are two ways
    security holes can be created.

    1) Vulnerability in the platform (OS, SQL Server, IIS Server, etc.)
    2) The way the application is implemented or coded

    The first one is usually difficult to find out (can't quite be doing
    monitoring of the network and simulating bad attempts), and usually we
    are reliant on the patches that are put out by the vendors - e.g.
    Microsoft.

    I think the second one is where we can do something or improve (as a
    developer or tester) to avoid security holes by knowing how things are
    supposed to be implemented and by knowing what kind of security holes
    can be created if we're not careful.

    Can someone point me to a place where I can get a list of "dos and
    don'ts" about such things? I'd appreciate any kind of help.

    Thanks,
    -Yasutaka
    GrapeCity India (formerly Bunka Orient India)
    e-mail: yasutakagrapecity.com
    web: http://www.grapecity.com