This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Application Security News"
From OWASP
Line 15: | Line 15: | ||
; '''Jul 11 - [http://www.yankeegroup.com/public/research/author_page.jsp?ID=E6175864177D44AD Yankee predicts AAP to replace WAF]''' | ; '''Jul 11 - [http://www.yankeegroup.com/public/research/author_page.jsp?ID=E6175864177D44AD Yankee predicts AAP to replace WAF]''' | ||
: In a report titled, "Application Assurance Platforms Arise from Web App Firewall Market’s Ashes," Yankee projects overall product revenue in the evolving AAP market to grow to $230 million by 2009. AAP's are predicted to combine the web application firewall, database security, XML security gateway and application traffic management segments. | : In a report titled, "Application Assurance Platforms Arise from Web App Firewall Market’s Ashes," Yankee projects overall product revenue in the evolving AAP market to grow to $230 million by 2009. AAP's are predicted to combine the web application firewall, database security, XML security gateway and application traffic management segments. | ||
− | |||
− | |||
− | |||
; [[Application Security News|Older news...]] | ; [[Application Security News|Older news...]] |
Revision as of 23:33, 17 July 2006
- Jul 17 - Snarky headline
- "Spurious null checks are a symptom of bad code. That’s not to say that null checks are wrong. If a vendor gives you a library that can return null, you’re obliged to check for null. And, if people are passing null all over the place in your code, it makes sense to keep putting some null checks in, but, you know what? That just means that you’re dealing with bad code"
- Jul 12 - Beware integer overflow in Java
- Joshua Bloch (of Java Puzzlers fame) discovered this overflow that affects Arrays.binarySearch() and any other divide-and-conquer algorithms (probably other languages as well). "The general lesson that I take away from this bug is humility: It is hard to write even the smallest piece of code correctly, and our whole world runs on big, complex pieces of code."
- Jul 12 - Source code secrecy not a countermeasure
- Yet another pointless article discussing whether open-source or closed-source is more secure. The truth is that your application should be secure even if an attacker has the source. If you're using a source code control system (and you absolutely should), there are copies of your code all over the place. So get over it - secrecy isn't a countermeasure.
- Jul 11 - Yankee predicts AAP to replace WAF
- In a report titled, "Application Assurance Platforms Arise from Web App Firewall Market’s Ashes," Yankee projects overall product revenue in the evolving AAP market to grow to $230 million by 2009. AAP's are predicted to combine the web application firewall, database security, XML security gateway and application traffic management segments.