10 August 2006 | 4,544 views

OWASP – Fortify Bug Taxonomy

Prevent Network Security Leaks with Acunetix

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation!

It seems very well written too in terms that anyone familiar with software development or programming can understand.

Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of software security errors to the Open Web Application Security Project (OWASP), a six-year old non-profit with almost 5,000 members whose “mission is to find and fight the causes of insecure software.”

The work will become part of OWASP’s Honeycomb Project.

This is a very good thing.

The OWASP Honeycomb project.

In the Honeycomb project, OWASP is assembling the most comprehensive and integrated guide ever attempted to the fundamental building blocks of application security (principles, threats, attacks, vulnerabilities, and countermeasures) through collaborative community efforts.

You can find the taxonomy itself here:

The Fortify Taxonomy of Software Security Errors

This site presents a taxonomy of software security errors developed by the Fortify Software Security Research Group together with Dr. Gary McGraw. Each vulnerability category is accompanied by a detailed description of the issue with references to original sources, and code excerpts, where applicable, to better illustrate the problem.

Source: Zdnet Blog



Recent in Countermeasures:
- Twitter Patents Technique To Detect Mobile Malware
- Passera – Generate A Unique Strong Password For Every Website
- HoneyDrive 3 Released – The Premier Honeypot Bundle Distro

Related Posts:
- The Top 10 PHP Security Vulnerabilities from OWASP
- OWASP (Open Web Application Security Project) Testing Guide v3 Released
- Cloud Security – The Next Big Thing? Fortify Readiness Scorecard

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,114 views
- Password Hasher Firefox Extension - 117,001 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,552 views

Low-cost VPS Hosting

Comments are closed.