Sunday, 14 June 2015

Testing security



Security testing is a testing technique to determine if an information system protects data and maintains functionality as intended. It also aims at verifying 6 basic principles as listed below:
·         Confidentiality
·         Integrity
·         Authentication
·         Authorization
·         Availability
·         Non-repudiation

Open Source/Free Security Testing Tools:
Product
Vendor
URL
FxCop
Microsoft
https://www.owasp.org/index.php/FxCop
FindBugs
The University of Maryland
http://findbugs.sourceforge.net/
FlawFinder
GPL
http://www.dwheeler.com/flawfinder/
Ramp Ascend
GPL
http://www.deque.com
Commercial Security Testing Tools:
Product
Vendor
URL
Armorize CodeSecure
Armorize Technologies
http://www.armorize.com/index.php?link_id=codesecure
GrammaTech
GrammaTech
http://www.grammatech.com/
Appscan
IBM
http://www-03.ibm.com/software/products/en/appscan-source
Veracode
VERACODE
http://www.veracode.com

at No comments:
Subscribe to: Posts (Atom)

IoT and M2M

IoT and M2M  

  • MIS Office Automation
          The use of computer is to execute a variety of office operations, such as word processing, accounting, and e-mail. Office au...
  • Pitfalls in MIS Development
            Following are the pitfal ls of the MIS development :      (A) Fundamental Weaknesses : Following are the fundamental weaknesse...
  • Information System Architecture
            The architecture is a art and science of designing.        An information system architecture is a formal definition of the bu...