AOH :: IS1581.HTM

The 25 Most Dangerous Programming Errors




The 25 Most Dangerous Programming Errors
The 25 Most Dangerous Programming Errors



http://www.bankinfosecurity.com/articles.php?art_id=1154 

By Linda McGlasson
Managing Editor
Bank Info Security
January 12, 2009

As banking regulators emphasize the necessity of application security, a 
broad-based consortium now sheds new light on the most common 
vulnerabilities.

Experts from more than 30 U.S. and international cyber security 
organizations, including the National Security Agency and the Department 
of Homeland Security's National Cyber Security Division, have just 
released a list of the 25 most dangerous programming errors [1] that can 
lead to security bugs and enable cyber crime.

The panel of experts - including thought-leaders from Symantec, 
Microsoft and Purdue University - worked since last September on this 
project, breaking down the 25 errors into three categories:

* Insecure Interaction Between Components;

* Risky Resource Management;

* Porous Defense.

[1] http://www.bankinfosecurity.com/external/2009_cwe_sans_top_25.pdf 

[...]


_______________________________________________      
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html 

Site design & layout copyright © 1986-2014 CodeGods