Problems with Software
Today's software is being produced faster than ever. With shrinking budgets, tight schedules, and without the knowledge of security testing, software vulnerabilities are everywhere. Typically the first customer of a product is the Quality Assurance Engineer. This QA team represents the customer. Most QA Engineers do not know what should be tested for in respect to security for the application. This site has been designed to help those QA Engineers to become more knowledgeable about security testing, possible vulnerability detection, and to help design a strategy on how to perform security testing and stop the vulnerabilities.
Software is everywhere. It is now in all sorts of different things you would never imagine. Software is being built on top of software and upon even more software. There could be and is security vulnerabilities in all sorts of different parts of the code. Some of that code hasn't been changed or modified in many many years. Back to a time when no one had heard of some of the latest security vulnerabilities and attacks.
Software that was never designed to be networked is now being networked and Internet enabled. There is a huge amount of software that was never designed for networking or the Internet. Now there are all sorts of software that is being web-enabled. Which that is great to hear, but it brings a whole slew of more security worries and potential vulnerabilities.
One of the most prevalent means of security related issues deals with Input Validation. The majority of problems deal with input validation. If the input was validated upon receipt, a huge number of security vulnerabilites would be solved.
To get an overview of the Vulnerability problems see the following links