BT
x Share your thoughts on trends and content!
rss
  • Beyond Blacklisting: Cyberdefense in the Era of Advanced Persistent Threats

    by on  Mar 17, 2015 1

    In this article, authors discuss the security vulnerabilities in software applications and how whitelisting approach has advantages over blacklisting. They also talk about how to implement the whitelisting security policies and cost involved with it.

  • Employing Enterprise Architecture for Applications Assurance

    by on  Feb 26, 2015

    In this article, authors discuss how enterprise, software, and security architects can improve software assurance by using the enterprise architecture to promulgate the software security controls. They also talk about other security model components like threat modeling, attack trees, secure design patterns, and misuse cases.

  • How Well Do You Know Your Personae Non Gratae?

    by on  Nov 27, 2014

    In this article, author discusses three techniques to defend against malicious users in software systems. These techniques includes creating personas to think strategically about the mischief a malicious user might attempt, misuse cases used to determine how the software should respond to unintended use, and activity diagrams annotated with security concerns.

Keeping Your Secrets

Posted by on  Sep 30, 2013

Dennis Sosnoski explains how supposedly-secure connections can be downgraded to the point where they are easily broken and how to make it more difficult for anyone to see or alter your data exchanges. 2

Application Security Testing: The Double-sided Black Box

Posted by on  Feb 26, 2013

In this article, Rohit Sethi discusses the opaque nature of security verification tools and processes and the potential for false negatives not covered by techniques like automated dynamic testing. 1

Defending against Web Application Vulnerabilities

Posted by on  Jul 27, 2012

In this article, authors discuss the security in software development life cycle and how to defend against web application vulnerabilities using white-box analysis and black-box testing techniques. 1

Comparison of Intrusion Tolerant System Architectures

Posted by on  Nov 25, 2011

In this IEEE article, authors Quyen L. Nguyen and Arun Sood discuss three types of intrusion tolerant system architectures and their efficiency for intrusion tolerance and survivability. 1

Virtual Panel: Security Considerations in Accessing NoSQL Databases

Posted by on  Nov 15, 2011

NoSQL databases have been getting lot of attention lately but NoSQL data security is not given much emphasis. This article focuses on the security considerations in accessing NoSQL databases. 2

Resilient Security Architecture

Posted by on  Sep 27, 2011

In this IEEE article, author John Diamant talks about improving security quality of software applications using techniques like security requirements gap analysis and architectural threat analysis.

Enhanced Detection of Malware

Posted by on  Sep 30, 2009

This article discusses significant new threats to host agents, outlines a generic architecture for malware detection, based on enhanced cloud computing, and outlines enhanced computing solutions.

The Dark Cloud: Understanding and Defending against Botnets and Stealthy Malware

Posted by on  Aug 04, 2009

Botnets are the latest scourge to hit the Internet and this article provides and presents several promising anti-botnet defense strategies that specifically target current and emerging trends.

General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT

We notice you're using an ad blocker

We understand why you use ad blockers. However to keep InfoQ free we need your support. InfoQ will not provide your data to third parties without individual opt-in consent. We only work with advertisers relevant to our readers. Please consider whitelisting us.