Learn how Parasoft SOAtest, now integrated with service virtualization and security penetration testing, offers an extensive, easy to use, and affordable approach to validating the security of your APIs.
Learn why Parasoft received the highest score for API testing and test automation with the “strongest continuous testing product offering” in this complimentary copy of “The Forrester WAVE: Modern Application Functional Test Automation Tools, Q4 2016.”
Automobiles are becoming the ultimate mobile computer and as such, there is unprecedented need to manage the risks of failure— protecting life and property, avoiding costly recalls, and reducing the risk of ruinous lawsuits. This on demand webinar covers five practical techniques for driving the risks out of embedded automotive software.
The IoT is creating security risks at a faster rate than it’s fixing them…exposing us to direct control of devices to lost of personal private data to actual control of the networks and computers in our homes and offices.
Continuous Testing provides a real-time, objective assessment of the business risks associated with an application under development. Learn how in this 70-page eBook.
With dozens of microprocessors and multiple networks and busses, modern connected cars are the ultimate mobile computers. Learn the risks posed by in-vehicle systems, how to assess that risk to your business, and the applicable tools and techniques for ensuring the quality and safety of infotainment systems.
The automobile industry relies on a vast, sprawling supply chain to create the hardware and software that goes into each vehicle. Learn how to manage the risk in your automotive software supply chain and ensure the quality, safety and security of downstream components.
Our automotive software and security experts team up to discuss how to improve embedded software security in the automotive environment. Topics covered include MISRA and ISO 26262 compliance, problem resolution, issue priority and impact management, and more.
Why do software engineers and others engaged in appsec marginalize the findings from their security tools?
In this on-demand webinar, our static analysis expert discusses how to ensure the security of your applications from Stagefright, Heartbleed, and other grisly-sounding software defects by leveraging standards to evolve development policies from static analysis findings.
In this on-demand webinar, we’ll discuss how busting software bugs does more than ensure the reliability and performance of your software—it helps ensure application security.
Learn why Parasoft received the highest score for API testing and test automation in this complimentary copy of “The Forrester WAVE: Modern Application Functional Test Automation Tools, Q2 2015.”
This Power Hour Webinar explores how to implement static analysis as a mechanism for preventing defects. You’ll learn how to leverage security standards (OWASP, PCI DSS, & CWE) and evolve development policies from static analysis findings.
Why do we have such vulnerable software today and what can we do about it? The focus is on software security, rather than network or physical. They’re just as important, but we seem to be doing a better job there than in the code itself.
Learn how Parasoft’s Application Security solution establishes a continuous process that ensures that security verification and remediation tasks are deployed across every stage of the SDLC.
Details how Parasoft reduces the time and cost of PCI DSS compliance.
In this on-demand webinar, Parasoft and the SWAMP discuss strategies for driving software assurance within your organization. Learn how to add a few processes to your software build in order to make it more secure.
Learn how Medicalert automated the functional, security, and performance testing for new APIs enabling them to become an increasingly agile and valued provider of new healthcare information services.
This infographic highlights some interesting findings from Parasoft’s research on API Integrity.
This session from the API Strategy & Practice Conference explores how software failures can impact brands, the importance of API Integrity, and why software testing environments need to be improved.
Security has finally landed as a hot topic in the world of embedded devices. Two key themes from last week’s Design West conference: a) security is everyone’s job and 2) build security in.
Exposing an API to your application is as risky as installing a doggie door into your house—as a recent incident with a bear aptly illustrates.
Learn about 1) New cloud service technologies that have made software infrastructure more vulnerable. 2) The exorbitant costs of failing to meet security standards. 3) The most effective development testing solution for improving application security.
Learn about the top challenges associated with ensuring API integrity in this on-demand webinar. It covers strategies and best practices for reducing the risks associated with each challenge.
In this Java Development Security eKit, you’ll gain insight on how to reduce risks of cyber attacks, such as DDoS and SQL injections.
Organizations taking to the cloud must be wary distributed denial-of-service attacks (DDOS) and SQL injections (SQLi) and other cyber-attacks. In this paper, you’ll learn how to build security into your Java application.
Read Arthur Hicken’s predictions re: SQL injection, cloud quality, component testing, Kindle Fire caching testing.
Explains how to prevent injection attacks by using input validation and static analysis to build security into your application.
Explains why approaching security as a bug-finding exercise is risky and inefficient, and then explains how to make your web sites immune to attacks including the SQL injections, Lizamoon mass injections & mesh injections.
This solution sheet introduces Parasoft’s Secure Application Development solution, which establishes a continuous process that ensures security verification and remediation tasks are not only deployed across every stage of the SDLC, but also ingrained into the team’s workflow.
Explains why and how to apply static analysis tools in the context of a policy-based security process that not only prevents security vulnerabilities, but also focuses on SDLC productivity.
To comply with corporate quality and security initiatives, Cisco Systems adopted static analysis, unit testing and code review. Learn how they automated these practices and seamlessly integrated them into their existing processes to deliver compliant code without impeding productivity.
MedicAlert needed to more rapidly deliver new services in a secure and effective fashion. Learn how they established a process for managing the functional, security, and performance testing challenges associated with their new capabilities and offerings.
Introduces best practices for applying security static analysis, data flow analysis, penetration testing, and workflow optimization to bake security into the application development process.
Discusses why a policy-based approach is the secret to success with static analysis.
For developers to work effectively in a security-conscious environment, addressing security-related coding issues must be integrated in developers’ daily workflow.
Discusses why the most effective security efforts define a policy that details security requirements, then use static analysis to verify that the policy is implemented in the code.
Details practices for ensuring Web service security throughout the SDLC.
Answers the question “”If I want to learn about WS-Policy and SAML, where should I start looking?””
Answers the question “Can you please explain what an XPath injection is?”
Discusses the rise in attacks on application logic and strategies for preventing them.
Answers the question “How can you relate WS-Security, WS-Trust, WS-Policy, WS-SecurePolicy and WS-Reliability to one another?”
Answers the question “How can one make sure an Ajax-enabled Web application is able to tell the difference between a real and a faked XMLHTTP request?”
Focuses on developing secure Web applications with the popular Java framework Struts.
Answers the question “What is an XML bomb and how do I protect my Web service against it?”
Answers the question “”Why are Web services potentially more vulnerable to security problems compared to traditional Web applications?””
Application attacks are responsible for a great majority of today’s cyber assaults. Application security testing is crucial to defeating digital foes.
Examines the threats to web applications and services, then outlines a strategy for preventing them.
Explains how best practices like unit testing and coverage analysis can help prevent buffer overflow security vulnerabilities.
Most developers truly believe that application security is not their concern… but are you ready for the code audit?
Traditionally, application security is an afterthought; we build our apps and try to poke holes in them later. Why not take potential security breaches into account from the very beginning? The Automated Error Prevention Methodology provides a framework you can use to integrate security concerns into your app development right from the start.
Explains how by recognizing TLS’s weaknesses and considering alternatives such as message layer security, you can ensure that you are implementing the best possible security scheme for your specific needs.
One effective way for development teams to prevent unexpected inputs is to perform thorough “”white-box”” testing at the unit level.
Some of the very features that make SOAP attractive, such as its flexibility and its compatibility with HTTP, also provide opportunities for security breaches. This article discusses SOAP security issues and how they can be addressed.