I.N.S.E.C.U.R.E

I am becoming more and more interested in the (ISC)2 Certification called CSSLP: Certified Secure Software Lifecycle Professional

They have a whitepaper for this certification called “Code (In)Security” written by Mano Paul.
I am not allowed to publish the direct link because they request registration before giving the link to the whitepaper. In order to register (gratis), go to this link: http://www.isc2.org/wpv

There is something interesting in this whitepaper: the acronym I.N.S.E.C.U.R.E :
I – Injectable code
N – Non repudiation Mechanisms not present
S – Spoofable code
E – Exception and Errors not Properly handled
C – Cryptographically Weak Code
U – Usafe/Unsecure Functions and Routines in Code
R – Reversible code
E – Elevated Privileges Required to Run

I can’t copy paste what each of these mean, but do please, read the paper 😉


© Copyright 2010 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch