labs
RSS labs
Bangalore blooming into innovation hothouse
Comment For more than a decade, multinationals which opened R&D labs in India were doing more 'D' than 'R'. Years ago, when the world pictured Bangalore they imagined an outsourcing hub full of call centre agents and... [27 Nov 2009]
Is Your Security Effective? The Value of Application Security Testing Tools
White Paper Watch this new program and learn why you need strong application security testing tools, what these tools need to include, and where to turn to find the right solution for your needs. Application Security Testing Tools - Is Your Security... [13 Nov 2009]
Software Security Governance in the Development Lifecycle: A Practical Guide From Accenture and Ounce Labs
White Paper Development organizations can be complex, with complicated processes and numerous stakeholders. Security professionals or analysts represent a unique perspective in development, but must share time with others who might be responsible... [12 Nov 2009]
McAfee Avert Labs Top 10 Threat Predictions for 2008
White Paper As 2007 comes to a close, it's a good time to reflect on the current threat landscape. The past 12 months comprised a record-breaking year. McAfee recorded well over 100,000 new viruses and Trojans, a 50 percent jump in the total number... [12 Nov 2009]
Two Security Vulnerabilities in the Spring Framework's MVC
White Paper While performing source-code security review engagements, members of the Ounce Labs' Advanced Research Team (ART) discovered and exploited the following two vulnerabilities in the commonly used Spring Framework's MVC... [12 Nov 2009]
Managing Identity Theft Risk in Software: The Need for Software Risk Analysis
White Paper Ounce Labs offers organizations a way to automatically audit their software in order to certify adherence to security policies and identify areas of potential vulnerability. By scanning the source code itself, this... [12 Nov 2009]
Taking Care: The Need for Secure Software in Healthcare
White Paper Healthcare organizations have always gone to great lengths to protect the confidentiality of their patients' medical information. Advances in technology have allowed the complex alliances between hospitals, insurance agencies, billing... [12 Nov 2009]
Security That Counts: The Need for Secure Software for Financial Services Providers
White Paper The financial services industry has some of the most stringent requirements for data privacy and regulatory compliance. Not only do customers and partners rely on the privacy and confidentiality of this critical data, but there are... [12 Nov 2009]
Trust, But Verify: How to Manage Risk in Outsourced Applications
White Paper Save money. Speed development. Augment staff resources. Tap expertise not available internally. The reasons for outsourcing application development are many and varied. Outsourcing can be a cost-effective and efficient solution to the... [12 Nov 2009]
Secure at the Source: Implementing Source Code Vulnerability Testing in the Software Development Life Cycle
White Paper The purpose of this paper is not to describe a new threat modeling process. Rather it is to document a series of workflow models to help guide how automated source code scanning can be implemented into an existing development process. [12 Nov 2009]
GPS/GPRS/GSM Based Mobile Asset Tracking
White Paper Global Positioning Satellites (GPS) enable the tracking of all kinds of mobile assets accurately and provide their real time positions to the owners on a 24 by 7 basis over the GPRS/GSM link. While the GPS provides the latitude/longitude... [12 Nov 2009]
Guidelines for Porting Flashlite Player on Symbian Series 60 Based Devices
White Paper The paper details the porting of Flashlite 2.0 Player to Symbian S60 based devices. This paper briefly discusses on S60 Software Development Kit (SDK), development environment and details on Flashlite 2.0 porting. [12 Nov 2009]
The Path to a Secure Application: A Source Code Security Review Checklist
White Paper The ongoing epidemic of data breach notifications forced by today's data breach disclosure laws has painfully highlighted the insecurity of many of today's applications. How, then, can organizations ensure their applications are secure,... [12 Nov 2009]
Light Weight Framework for RFID Applications
White Paper This white paper elucidates the development of a Framework for RFID applications, which acts as an interface between RFID Controls like tags/readers/controls obtained from different RFID vendors and the RFID based applications like ERP. [12 Nov 2009]
Weathering a Perfect Storm: The Collision of Application Vulnerabilities and Data Privacy
White Paper Compliance audits typically test whether the intrusion detection system, intrusion prevention system or firewall applications are probably working. These network-centric controls do not necessarily speak to data security. [12 Nov 2009]
