Page 1 of 1

New Top 25 Programming Errors

Posted: Thu Feb 18, 2010 12:34 am
by AnINffected
Questions: top25@sans.org

(Feb. 16, 2010) Today in Washington, D.C., experts from more than 30 U.S. and international cyber security organizations jointly released a new list of the 25 most dangerous programming errors that enable security bugs, cyber espionage and cyber crime. These 25 programming errors, and their "on the cusp cousins" have been the cause of nearly every major type of cyber attack, including recent penetrations of Google, power systems, military systems, and millions of other attacks on small businesses and home users. A global effort to eliminate these programming errors is the first step against organized cyber criminals, and the persistent threat from competing nation states.

In addition to the most common programming errors, acquisition experts agreed on a standard for contract language between software buyers and developers. The use of this contract language helps ensure buyers are not held liable for software containing faulty code. Coding errors are a common gateway for attackers to penetrate networks.
Πηγή και περισσότερα στο:
http://www.sans.org/