OASIS Mailing List Archives

cam-dev message



Subject: SANS / MITRE Top 25 programming errors that affect security and CAM testing toolkit?!


Interestingly the #1 error is:
 
CATEGORY: Insecure Interaction Between Components
 
CWE-20: Improper Input Validation
 
It's the number one killer of healthy software, so you're just asking for trouble if you don't ensure that your input conforms to expectations... For more see: http://cwe.mitre.org/top25/#CWE-20
 
http://www.sans.org/top25errors/print.pdf
 
Obviously our work on the interoperability toolkit falls into this category of ensuring you send and receive what is expected and that your pass/fail test case suite ensures all logic paths are exercised and handled correctly.
 
You just cannot have too much test data!
 
Thanks, DW

