Surviving the Week 5/25/2012

Not that it has been a quiet week in the web application security arena; it was simply a busy week.

Microsoft’s SDL Expands Beyond Redmond

Microsoft has given the industry a process for secure software development. After more than 10 years of developing this process, its effects within Microsoft have been shown to be positive. Other organizations have adopted either part or all of this lifecycle process and have also experienced positive effects. This article discusses a use case for adoption of the process by an organization that manufactures smart meters, and the positive outcome. If your organization has not adopted the SDL, it's time to understand the process and see how it can help your organization's products.

http://threatpost.com/en_us/blogs/microsofts-sdl-expands-beyond-redmond-051612

Update of Microsoft SDL 5.2 has been released

The Microsoft Security Development Lifecycle (SDL) is an industry-leading software security assurance process. A Microsoft-wide initiative and a mandatory policy since 2004, the SDL has played a critical role in embedding security and privacy in Microsoft software and culture. Combining a holistic and practical approach, the SDL introduces security and privacy early and throughout all phases of the development process. A new version (v5.2) has been released with the updates.

http://blogs.msdn.com/b/sdl/archive/2012/05/23/now-available-microsoft-sdl-process-guidance-updates-version-5-2.aspx

NASA SSL Digital Certificate hacked

NASA's SSL certificate has been hacked by exploiting a vulnerability within the portal's login system. The attack resulted in obtaining user information for thousands of NASA researchers, along with emails and accounts of other users. A portal running at NASA can be vulnerable and attacked to steal information. Are your applications protected against attacks? Test your application with NTOSpider to find out whether you are protected.

http://thehackernews.com/2012/05/nasa-ssl-digital-certificate-hacked-by.html

About Dan Kuykendall 173 Articles