Security bug

A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system. Security bugs introduce security vulnerabilities by compromising one or more of:

- Authentication of users and other entities
- Authorization of access rights and privileges
- Data confidentiality
- Data integrity

Security bugs do not need to be identified or exploited to be qualified as such, and they are assumed to be much more common than known vulnerabilities in almost any system.

Causes

Main article: Vulnerability (computing)

Security bugs, like all other software bugs, stem from root causes that can generally be traced to either absent or inadequate:

- Software developer training
- Use case analysis
- Software engineering methodology
- Quality assurance testing
- and other best practices

Taxonomy

Security bugs generally fall into a fairly small number of broad categories that include:

- Memory safety (e.g. buffer overflow and dangling pointer bugs)
- Race condition
- Secure input and output handling
- Faulty use of an API
- Improper use case handling
- Improper exception handling
- Resource leaks, often but not always due to improper exception handling
- Preprocessing input strings before they are checked for being acceptable
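As an added illustration of the memory-safety category above (example code written for this page, not from the article or any of its cited sources), the following C program places a fixed-size name buffer directly in front of a privilege flag and contrasts an unbounded copy with a length-checked one. The struct, its field sizes, the function names and the overlong input are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16   /* capacity of the name field, including the NUL */

/* Constructed record: a fixed-size name followed by a privilege flag.
 * With this layout the flag sits in memory directly after the buffer,
 * so any write past the end of `name` lands on `is_admin`. */
struct account {
    char name[NAME_MAX];
    int  is_admin;
};

/* Vulnerable: strcpy copies until it finds the source NUL, trusting the
 * caller to have bounded the input.  A `src` of NAME_MAX or more
 * characters writes past `name`; that is undefined behaviour in C, and
 * with the layout above it typically overwrites `is_admin`.  Kept only
 * for contrast with the hardened version below. */
void set_name_unsafe(struct account *acct, const char *src) {
    strcpy(acct->name, src);
}

/* Hardened: measure `src` against the destination capacity (never
 * scanning more than NAME_MAX bytes), write only if the name and its NUL
 * both fit, and report rejection to the caller instead of truncating
 * silently.  Returns 0 on success, -1 if the input does not fit; on -1
 * the record is left untouched. */
int set_name_safe(struct account *acct, const char *src) {
    size_t len = 0;
    while (len < NAME_MAX && src[len] != '\0') {
        len++;
    }
    if (len == NAME_MAX) {
        return -1;                        /* no NUL within capacity: too long */
    }
    memcpy(acct->name, src, len + 1);     /* includes the terminating NUL */
    return 0;
}

/* Returns 1 if the hardened copy behaves as specified on a constructed
 * overlong input: the call is rejected and name and flag are unchanged. */
int safe_copy_rejects_overlong(void) {
    struct account acct = { "guest", 0 };
    const char *overlong = "0123456789abcdef";   /* 16 chars: no room for NUL */
    int rc = set_name_safe(&acct, overlong);
    return rc == -1 && acct.is_admin == 0 && strcmp(acct.name, "guest") == 0;
}

int main(void) {
    struct account acct = { "guest", 0 };
    const char *overlong = "0123456789abcdefXXXX";   /* constructed attacker input */

    printf("safe copy of overlong input: rc=%d is_admin=%d name=%s\n",
           set_name_safe(&acct, overlong), acct.is_admin, acct.name);

    /* The unsafe copy is undefined behaviour on this input; on common
     * compilers and ABIs the bytes "XXXX" land in is_admin and the flag
     * reads back as a non-zero value, i.e. the caller is now "admin". */
    set_name_unsafe(&acct, overlong);
    printf("unsafe copy of overlong input: is_admin=%d\n", acct.is_admin);
    return 0;
}
```

The point of the hardened version is not the use of one library call over another but that the bound is derived from the destination, the check happens before any byte is written, and failure is a return value the caller has to handle rather than a silently truncated or unterminated string.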
Mitigation

See software security assurance.
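The last item in the taxonomy, checking an input string before it is preprocessed, is illustrated by the following added C example (written for this page, not taken from the article or its cited sources). It percent-decodes a request path in two orders: the buggy order validates the raw string and then decodes it, so an encoded `..` slips past the check; the fixed order decodes first and then validates the bytes that will actually be used, with an allow-list rather than a deny-list. The function names, the path filter and the sample requests are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Value of a hex digit, or -1 if `c` is not one. */
static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* One pass of URL percent-decoding from `in` into `out` (capacity
 * `outlen`).  Returns 0 on success, -1 on a truncated or non-hex escape,
 * on an encoded NUL (%00 would silently truncate the C string), or if
 * the result does not fit.  Nothing else is normalised. */
int percent_decode(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        int c = (unsigned char)in[i];
        if (c == '%') {
            int hi = hexval((unsigned char)in[i + 1]);
            if (hi < 0) return -1;                 /* also catches "%" at end */
            int lo = hexval((unsigned char)in[i + 2]);
            if (lo < 0) return -1;
            c = hi * 16 + lo;
            if (c == 0) return -1;                 /* embedded NUL */
            i += 2;
        }
        if (o + 1 >= outlen) return -1;            /* keep room for the NUL */
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return 0;
}

/* Deny-list check a naive request filter might apply: reject anything
 * containing a parent-directory reference. */
static int contains_dotdot(const char *s) {
    return strstr(s, "..") != NULL;
}

/* Allow-list check: only plain path characters may remain after decoding.
 * A '%' left over from double encoding ("%252e" decodes to "%2e") fails. */
static int only_path_chars(const char *s) {
    for (; *s != '\0'; s++) {
        int c = (unsigned char)*s;
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '/' || c == '.' ||
                 c == '-' || c == '_';
        if (!ok) return 0;
    }
    return 1;
}

/* Buggy order: the raw request is validated, then decoded for use.
 * "%2e%2e/" contains no literal "..", so it passes and decodes to "../".
 * Returns 1 if accepted (decoded path in `out`), 0 if rejected. */
int accept_path_buggy(const char *raw, char *out, size_t outlen) {
    if (contains_dotdot(raw)) return 0;
    if (percent_decode(raw, out, outlen) != 0) return 0;
    return 1;
}

/* Fixed order: decode first, then validate the bytes that will actually
 * reach the filesystem. */
int accept_path_fixed(const char *raw, char *out, size_t outlen) {
    if (percent_decode(raw, out, outlen) != 0) return 0;
    if (!only_path_chars(out)) return 0;
    if (contains_dotdot(out)) return 0;
    return 1;
}

int main(void) {
    /* Constructed request paths, including encoded traversal attempts. */
    const char *samples[] = {
        "docs/readme%2etxt", "%2e%2e/etc/passwd", "%252e%252e/etc/passwd", "a%00b"
    };
    char buf[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int buggy = accept_path_buggy(samples[i], buf, sizeof buf);
        printf("%-24s buggy=%d", samples[i], buggy);
        int fixed = accept_path_fixed(samples[i], buf, sizeof buf);
        printf(" fixed=%d%s%s\n", fixed, fixed ? " -> " : "", fixed ? buf : "");
    }
    return 0;
}
```

The substring test for `..` is deliberately coarse (it also rejects a legitimate name such as `file..txt`); a production filter would split the decoded path on `/` and reject any segment equal to `..`. The ordering lesson is unchanged: whatever transformation the data will undergo before use (decoding, case folding, path normalisation) has to happen before the acceptance check, or the check is examining a string the program never actually uses.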
See also

- Computer security
- Hacking: The Art of Exploitation
- IT risk
- Threat (computer)
- Vulnerability (computing)
- Hardware bug
- Secure coding

References

- Alhazmi, Omar H.; Woo, Sung-Whan; Malaiya, Yashwant K. (Jan 2006). "Security vulnerability categories in major software systems". Proceedings of the Third IASTED International Conference on Communication, Network, and Information Security.
- "CWE/SANS TOP 25 Most Dangerous Software Errors". SANS. Retrieved 13 July 2012.
- Open Web Application Security Project (21 August 2015). "2013 Top 10 List".
- "Software Quality and Software Security". 2008-11-02. Retrieved 2017-04-28.

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.