The 25 Most Dangerous Programming Errors

2009-01-13 06:01

http://www.bankinfosecurity.com/articles.php?art_id=1154 By Linda McGlasson Managing Editor Bank Info Security January 12, 2009 As banking regulators emphasize the necessity of application security, a broad-based consortium now sheds new light on the most common vulnerabilities. Experts from more than 30 U.S. and international cyber security organizations, including the National Security Agency and the Department of Homeland Security's National Cyber Security Division, have just released a list of the 25 most dangerous programming errors [1] that can lead to security bugs and enable cyber crime. The panel of experts - including thought-leaders from Symantec, Microsoft and Purdue University - worked since last September on this project, breaking down the 25 errors into three categories: * Insecure Interaction Between Components; * Risky Resource Management; * Porous Defense. [1] http://www.bankinfosecurity.com/external/2009_cwe_sans_top_25.pdf [...] _______________________________________________ Please help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.html

News URL

http://www.bankinfosecurity.com/articles.php?art_id=1154