Open Access, Proceedings Article

Web Application Scanners: Definitions and Functions

TLDR
This paper identifies a taxonomy of software security assurance tools and defines one type of tool: Web application scanner, i.e., an automated program that examines Web applications for security vulnerabilities.
Abstract
There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what vulnerabilities. This paper identifies a taxonomy of software security assurance tools and defines one type of tool: Web application scanner, i.e., an automated program that examines Web applications for security vulnerabilities. We describe the types of functions that are generally found in a Web application scanner and how to test it.

Citations
Journal Article

An analysis of security issues for cloud computing

TL;DR: This work identifies the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions.
Posted Content

An Analysis of the Cloud Computing Security Problem

TL;DR: A detailed analysis of the cloud security problem is introduced and key features that should be covered by any proposed security solution are derived.
Proceedings Article

An analysis of the cloud computing security problem

TL;DR: In this article, the authors introduce a detailed analysis of the cloud security problem, and derive a detailed specification of the Cloud security problem and key features that should be covered by any proposed security solution.
Journal Article

A survey of security issues for cloud computing

TL;DR: A survey of security issues in terms of security threats and their remediations is presented and a parametric comparison of the threats being faced by cloud platforms is performed.
Journal Article

On cloud security requirements, threats, vulnerabilities and countermeasures: A survey

TL;DR: This study contributes towards identifying a unified taxonomy for security requirements, threats, vulnerabilities and countermeasures to carry out the proposed end-to-end mapping and highlights security challenges in other related areas like trust based security models, cloud-enabled applications of Big Data, Internet of Things, Software Defined Network (SDN) and Network Function Virtualization (NFV).
References
Journal Article

Basic concepts and taxonomy of dependable and secure computing

TL;DR: The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of systems failures.

Basic Concepts and Taxonomy of Dependable and Secure Computing

TL;DR: In this paper, the main definitions relating to dependability, a generic concept including a special case of such attributes as reliability, availability, safety, integrity, maintainability, etc.
Book

Software Security: Building Security In

TL;DR: This book presents a detailed approach to getting past theory and putting software security into practice, and describes a manageably small set of touchpoints based around the software artifacts that you already produce that can be adopted without radically changing the way you work.
Journal Article

A taxonomy of computer program security flaws

TL;DR: This survey provides a taxonomy for computer program security flaws, with an Appendix that documents 50 actual security flaws that provide a good introduction to the characteristics of security flaws and how they can arise.
Journal Article

Seven pernicious kingdoms: a taxonomy of software security errors

TL;DR: This new taxonomy is made up of two distinct kinds of sets, which the authors are stealing from biology: a phylum (a type of coding error, such as illegal pointer value) and a kingdom (a collection of phyla that shares a common theme, such as input validation and representation).