secologic

Seite auf deutsch
Deutsch
Page in english
English
Results & Downloads :: Security for Applications :: Testing

Testing

In this area you’ll find material for security-testing. The problem of security-testing is that you have to test ‘how the normal functions/applications don’t have to work’.

Topic Version Language Date Type Format Author
A Pracatical Guide to Vulnerability Checkers English 03/13/06 White Paper pdf
SVS-UHH
Open Source Static Analysis Tools for Security Testing of Java Web Applications English 12/19/06 White Paper pdf
SAP
Leitfaden-Applikationspenetrationstest 1.0 Deutsch 04/02/07 Guide pdf
SAP
Security Tests for Web Services 1.0 English March 2007 Best Practice Guide pdf
SAP

CISAT

The term "static source code analysis" describes a class of algorithms that aims to "understand" computer programs automatically by examining the program's source code. As part of the secologic-project, we examined the capabilities of static source code analysis in respect to finding security vulnerabilities. Based on our findings we created CISAT, a framework to integrate static analysis for security into the development-process.

Topic Version Language Date Type Format Author
CISAT: Integration von sicherheitszentrierter statischer Analyse in den Enwicklungsprozess 1.0 Deutsch 02/07/06 Academic paper pdf
SVS-UHH
CISAT: Documentation and Software Packages 1.0 English 04/01/07 Software misc.
SVS-UHH