Linux Kernel Security Report

September 25
Authors: Andy Chou, Bryan Fulton and Seth Hallem

Executive Summary

Four years of analysis of the source code for the Linux operating system have revealed that the system has become more secure by reducing the number of dangerous security defects detected in the most critical parts of the Linux kernel. Coverity has combined two years of analysis work carried out in a commercial setting at Coverity with four years of academic research conducted at the Computer Science Laboratory at Stanford University using an early prototype of Coverity's technology. Our study has led us to several conclusions:

- Linux has proven to be a stable, secure platform, which is only improving over time.
- Major development efforts increase defect density, while subsequent small revisions tend to fix a large number of bugs.
- The number of security defects tends to increase with code size, yet the percentage located in security-critical areas of the code continues to decrease. The code-heavy drivers account for 5-65% of security defects, while the core kernel accounts for between 1-2% and the file systems account for 9-13%.
- Linux's open source development process aids in the continued security and stability of the system as a whole.
- As Linux grows and more developers have the chance to contribute to the source code, basic secure coding rules are not followed consistently in certain areas of the code, causing severe security defects to escape into released versions of the kernel.
- Linux's development methodology would benefit from a centralized security auditing process. Adding more contributors to the Linux kernel who do not understand security rules will decrease the overall security of the system without a centralized auditing effort to ensure that secure coding rules are followed consistently.

The Linux Security Study

In this report we illustrate the results of a series of security-specific analyses of the Linux kernel. This is an update to our December, 24 report regarding the overall quality of the kernel, which analyzed over 5.5 million lines of Linux kernel source code. This report examines the evolving state of security in the Linux kernel over the course of four years' worth of kernel releases. The main improvements to our methodology in this study are:

- The use of advanced security-specific analyses.
- The use of a sophisticated "tainted data" dataflow analysis engine that specifically tracks the propagation of user-controllable tainted data.
- Analysis improvements that understand the implications and security concerns of "user land" and "kernel land" memory mapping.

Coverity's team regularly reports detected security flaws and other critical bugs to the Linux kernel implementers. Currently, we are working to make all the potential defects available to the maintainers of the major components of the kernel. In general, these bug reports are quickly converted into patches by the responsible implementers that remedy the defective source code. The patch is then released to the Linux kernel mailing list for vetting by a broader audience, which helps ensure that each fix is, in fact, a complete fix, and that it does not introduce another problem. Patches are generally applied to the latest release candidate of the kernel by the maintainer for that candidate, often within a matter of days of the release of the bug reports. In some circumstances, a security advisory is released that contains numerous security-specific fixes, and users are recommended to upgrade to the newest version immediately rather than wait for the next release candidate.

Coverity's Security Analysis

Coverity's security analysis finds numerous coding defects that can lead to dangerous security vulnerabilities. These defects include improper stack/heap access, integer overflow, buffer overflow, file-based race conditions, platform-specific bugs, insecure coding practices, and exploitable string management errors. These errors can lead to serious issues such as memory corruption, privilege escalation, unauthorized reading of memory or files, process/system crashes, denial of service, etc.

Modern applications and systems must constantly interact with the untrustworthy outside world while still maintaining a high level of reliability and availability in the face of malicious users or processes. Given this operating environment, a key rule in computer security is to properly validate all inputs to a program. Data obtained from the outside world must be treated as potentially dangerous until the proper steps have been taken to sanitize its contents and ensure its validity. Untrustworthy data can enter a system through a variety of means, such as command-line arguments, files, environment variables, the network, or copies from user-land memory. Coverity's security analysis uses a combination of Coverity Prevent's analysis engine and sophisticated tracking of this "tainted" data to pinpoint security holes. Using Coverity's interprocedural analysis engine, we are able to track data as it flows throughout a program, searching for potential improper uses of this data.

In this study, our analysis focused on automatically detecting seven different categories of security defects. The first five (Tainted Scalar, Tainted String, User Pointer, String Null and String Size) focus on potential misuses of different types of tainted data. The remaining two analyses (Overrun Static and Overrun Dynamic) detect "traditional" buffer overruns of stack or heap allocated data.

Type            | Description                                                     | Effect
Tainted Scalar  | Unsafe usage of tainted scalars                                 | Buffer overflow, integer overflow, denial of service, or memory corruption.
Tainted String  | Unsafe usage of tainted strings                                 | Unsafe resource read/write, environment corruption, cross-site scripting, file corruption, format string vulnerabilities, command injection, or SQL injection.
User Pointer    | Unsafe dereference of user-land pointers                        | Denial of service or memory corruption.
String Null     | Unsafe use of tainted, potentially non-terminated strings       | Denial of service or memory corruption.
String Size     | Unsafe use of tainted strings with a potentially unbounded size | Buffer overflow or possible execution of arbitrary code.
Overrun Static  | Buffer overrun on the stack                                     | Stack corruption, malicious code injection, or denial of service.
Overrun Dynamic | Buffer overrun on the heap                                      | Heap corruption, malicious code injection, or denial of service.

For security analyses of operating system code such as the Linux kernel, we have augmented our analysis to understand the security implications of kernel land and user land memory mapping. When the kernel needs access to user data, it will typically use a paranoid copy routine such as copy_from_user() to safely copy data stored in user-controllable memory into the kernel's memory space. Similar interactions occur at system calls, ioctl handling code, etc. This data, from the perspective of the kernel, is completely untrustworthy, as a malicious user can supply any range of possible data values. Our analysis understands this notion and the security rules associated with user/kernel interactions.
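As an added illustration (not code from the report or from Coverity), the following user-space C program models the user/kernel boundary described above: a constructed stand-in for copy_from_user() delivers a request whose every field is tainted, and a handler that validates those fields the way the Tainted Scalar, String Size and String Null rules expect is shown next to one that uses them unchecked. The request layout, NSLOTS, MAX_NAME, handle_unsafe, handle_safe and run_safe are all assumptions made for this example.

```c
#include <errno.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed user-space stand-in for the kernel's copy_from_user(). It models
 * the boundary described in the report: everything it delivers is tainted.
 * Like the real helper it returns the number of bytes that could NOT be copied
 * (0 on success). Assumption: NULL models an unmapped user address. */
static unsigned long copy_from_user(void *to, const void *from, unsigned long n)
{
    if (from == NULL)
        return n;
    memcpy(to, from, n);
    return 0;
}

#define NSLOTS   8   /* entries in the kernel-side table (assumed) */
#define MAX_NAME 16  /* bytes in the request's name buffer (assumed) */

/* Request layout as supplied by user space (constructed for this example). */
struct req {
    uint32_t slot;           /* first table entry to mark */
    uint32_t count;          /* number of entries to mark */
    uint32_t name_len;       /* claimed length of name, including the NUL */
    char     name[MAX_NAME]; /* not guaranteed to be NUL-terminated */
};

static int table[NSLOTS];

/* What the Tainted Scalar and String Null rules flag: slot and count reach an
 * array index, and name reaches a %s format, without adequate validation. */
int handle_unsafe(const struct req *ureq, char *out, size_t outsz)
{
    struct req r;

    if (copy_from_user(&r, ureq, sizeof r))
        return -EFAULT;
    /* Insufficient check: slot + count wraps in 32 bits, so a huge count
     * passes and the loop below writes past the end of table[]. */
    if (r.slot + r.count > NSLOTS)
        return -EINVAL;
    for (uint32_t i = r.slot; i < r.slot + r.count; i++)
        table[i] = 1;
    snprintf(out, outsz, "%s", r.name);  /* may read past an unterminated name */
    return 0;
}

/* Hardened version: every tainted field is validated before it is used. */
int handle_safe(const struct req *ureq, char *out, size_t outsz)
{
    struct req r;

    if (copy_from_user(&r, ureq, sizeof r))
        return -EFAULT;
    if (r.slot >= NSLOTS)                  /* Tainted Scalar: bound the index */
        return -EINVAL;
    if (r.count > NSLOTS - r.slot)         /* range check that cannot wrap */
        return -EINVAL;
    if (r.name_len == 0 || r.name_len > MAX_NAME)  /* String Size: bound it */
        return -EINVAL;
    if (memchr(r.name, '\0', r.name_len) == NULL)  /* String Null: terminator */
        return -EINVAL;
    for (uint32_t i = r.slot; i < r.slot + r.count; i++)
        table[i] = 1;
    snprintf(out, outsz, "%s", r.name);
    return 0;
}

/* Builds a request from constructed values and runs the hardened handler,
 * returning its status. A NULL name stands for an unmapped user pointer. */
int run_safe(uint32_t slot, uint32_t count, uint32_t name_len, const char *name)
{
    struct req r;
    char out[MAX_NAME + 1];

    if (name == NULL)
        return handle_safe(NULL, out, sizeof out);
    memset(&r, 0, sizeof r);
    r.slot = slot;
    r.count = count;
    r.name_len = name_len;
    size_t n = strlen(name);
    if (n > MAX_NAME)
        n = MAX_NAME;
    memcpy(r.name, name, n);  /* no terminator added beyond the zero fill */
    return handle_safe(&r, out, sizeof out);
}

/* Reports whether table entry i was marked (-1 if i is out of range). */
int slot_marked(uint32_t i)
{
    return i < NSLOTS ? table[i] : -1;
}

int main(void)
{
    printf("valid request:     %d\n", run_safe(2, 3, 4, "abc"));
    printf("wrapping count:    %d\n", run_safe(4, 0xFFFFFFFDu, 4, "abc"));
    printf("unterminated name: %d\n", run_safe(1, 1, 3, "abc"));
    return 0;
}
```

A count of 0xFFFFFFFD with slot 4 sums to 1 in 32-bit arithmetic, which is exactly the case the unsafe range check lets through and the hardened check rejects.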

We ran our security analysis over 6 different versions of the Linux kernel, beginning with the release from July, 2 and ending with the version released in August, 25. For each version, we recorded statistics such as the number of defects discovered, the location where the bugs were discovered, and the number of lines of code. We also recorded metrics about the code base, such as the number of files, the number of functions, the number of paths analyzed, and the number of potential violations of the Tainted Scalar rule described above. We chose this last metric in order to correlate the number of security violations we detected with the number of potential instances where this particular security rule could, hypothetically, be violated (the developer success rate for this rule).

[Chart: Code Growth Across 4 Years of Linux Development. Lines of Code by Kernel Version; series: Other, Architecture, Drivers, Networking, Filesystem, Kernel]

[Chart: Code Growth Over Time. Files and Functions by Kernel Version]

As shown in these charts, the Linux kernel is a constantly evolving and expanding piece of software. As thousands of developers work together to incorporate new features and fixes, the difficulty of maintaining high levels of quality and security increases with each new release.

Results and Key Conclusions

From this study, we can conclude that the Linux kernel is a stable, secure operating system and continues to improve over time. We also stress that the Linux development process helps enable the security and stability of such a large project. Here, we outline and discuss the findings and major conclusions reached by our study.

[Chart: Security Vs. Non-Security Bugs Over Time. Total, Security and Non Security defect counts by Kernel Version]

1 - More code implies more bugs, yet security defects are decreasing

[Charts: Code count and Total Density by Kernel Version; Code count and Security Density by Kernel Version]

As new features and additional drivers are constantly being developed, the amount of code continues to grow with each new release. From the data, we can see that the greatest spikes in defect numbers are associated with major development efforts (i.e., 2.2 to 2.4, 2.4 to 2.6). These are places where large amounts of new code are added. Large volumes of new code cause a predictable increase in the raw number of bugs discovered throughout a system. In contrast to these inflection points across major releases, we can also see that minor releases tend to incorporate many bug fixes and add fewer new bugs, as most development effort is spent improving and debugging the previously introduced new features. Since the release, the security defect density has steadily declined for each subsequent release, continually strengthening the overall security of the system. Highlighting this trend, the kernel is the first release where both the total number of security defects discovered and the security defect density have gone down from the previous release. From this release onward, both metrics have continually decreased over time. This trend illustrates that while new, non-security related defects are still being added, developers are learning to take security concerns into account, as security defects are becoming less and less common even in the face of continued code churn and code growth.

2 - Defects are low where it matters

[Chart: Defect Distribution Over Time. Defect Count by Kernel Version; series: Other, Architecture, Drivers, Networking, Filesystem, Kernel]

Another interesting result of our study is that the location of the majority of both security and non-security bugs continues to move from high-priority areas such as the kernel, filesystem, and networking code into the lesser-used drivers. Any driver defect is only a serious vulnerability if that specific driver is being used in a given system configuration. Many of the drivers are only used by enthusiasts deploying Linux on home desktops or laptops, so the large, enterprise distributions of Linux are not affected by these defects. This migration trend is most likely due to the increased number of kernel developers as Linux becomes more popular. New developers tend to start by writing driver code to support a new device, and developers new to the Linux kernel often do not fully understand the security implications and rules associated with Linux kernel development in their first foray into the kernel community.

3 - Linux development process is good for security, but not perfect

The results of this study indicate that the Linux development process is a key factor in the security and stability of the system. While developers vary both in skill and in security expertise, new code must pass through a series of steps before it is incorporated into a kernel release. Thus, new, less experienced developers will have their code routinely checked and inspected before it is signed off by the subsystem maintainer and incorporated into the kernel. Ultimately, the code will go through the ranks and be inspected by one of the two lead developers, Andrew Morton and Linus Torvalds. This hierarchical development process allows highly skilled, specialized developers to inspect new code from more inexperienced contributors before that code ever gets to the next stage. Those developers that understand both simple and complex security rules are able to weed out potentially devastating defects early in the development process. The following image outlines the Linux kernel development process:

[Figure: the Linux kernel development process]

While this process has been shown to be effective and helpful to the overall security of the system, it is not perfect. Many defects discovered by our analysis are very common and simple mistakes. Thus, while having many eyeballs inspect each code change can be a great asset to overall system security, it does not guarantee that even the simplest of defects will be caught before a release. Many new developers do not understand the kernel's security rules, or, perhaps, feel that they can defer security concerns to the subsystem maintainer as he/she is more of a security expert. As such, we can see an argument for a centralized security auditing process to aid in the early detection of security vulnerabilities as well as the handling of new security reports.

The Evolution of Source Code Analysis Technology

Compile-time source code analysis for security has long remained more of a promise than a reality. Coverity has developed the first system that can identify defects with a combination of precision, speed, and accuracy across millions of lines of code that satisfies the most demanding industry customers as well as the fast-paced open source community. Early attempts at static source code analysis focused on software verification. While these efforts yielded tools, the domains of those tools were inevitably limited to either restrictive, custom programming languages or very small programs that do not reflect the complexity of today's commercial software. Coverity Prevent represents a breakthrough in the source code analysis community by applying sophisticated compiler optimization techniques combined with an innovative system architecture to produce the most effective analysis system ever built. Coverity Prevent is designed as a generic analysis platform with modular plug-ins that carry out specific simulations of the source code and report specific types of defects. Because of this modular design, each analysis is finely tuned to the type of bug that it detects, allowing Coverity's system to achieve the lowest overall false positive rate amongst source code analysis systems.

About Coverity and Linux

Coverity was founded by Stanford professor Dr. Dawson Engler and four Ph.D. students in the Computer Science Laboratory at Stanford University. By combining a strong academic foundation with fast-growing market traction, Coverity is able to leverage a combination of innovative ideas and enterprise experience to build a source code analysis technology that is unparalleled in either research or industry. Coverity's experience with the Linux source code began when the founding team was working at Stanford on a research project then known as the Meta Compiler Project. The project was focused on proving that compiler technologies could be successfully applied to find defects in robust software systems. The first published work on the Meta Compiler system was described to the research community in late 2. In that publication, 511 bugs were reported, while the research uncovered over 2 defects in the Linux kernel source code using the primitive analysis technology in our first experimental implementation of the analysis platform. In 21, a follow-up presentation to the research community used the second iteration of the analysis platform to present a study of defect trends in the Linux operating system. In this study, over 1 defects were detected in the Linux kernel source code from version At that time, the source code contained 1.6 million lines of code. With such solid results, a follow-on study was conducted to detect security flaws in the Linux kernel due to unsafe usage of user-controllable tainted data. The study illustrated a basic technique for detecting defects that, if left in the source code, could possibly cause severe security vulnerabilities and lead to complete system takeover if discovered and abused by a malicious party. The analysis uncovered 125 security flaws in the kernel as well as substantial security flaws in an unnamed commercial security system. As Coverity's analysis technology matured, repeated analyses of the Linux kernel were performed as a means of validating the progress of Coverity's technology. This work was punctuated by numerous releases of security holes to the Linux kernel implementers dating back to 24, and a July 24 posting to the site that presented approximately 9 bugs in the Linux kernel. At that time, the Linux kernel contained over 5 million lines of source code. These bugs were released publicly to the Linux kernel implementers and many were fixed, although the exact number of subsequent fixes has yet to be assessed. Several patches to the Linux kernel were applied in response to that release.

[Figure: Prevent in action]

Coverity, Inc., 185 Berry St. Suite 36, San Francisco, CA 9417 (8). Copyright 25 Coverity

More information

Secure Programming with Static Analysis. Jacob West jacob@fortify.com

Secure Programming with Static Analysis. Jacob West jacob@fortify.com Secure Programming with Static Analysis Jacob West jacob@fortify.com Software Systems that are Ubiquitous Connected Dependable Complexity U Unforeseen Consequences Software Security Today The line between

More information

Research on the Essential Network Equipment Risk Assessment Methodology based on Vulnerability Scanning Technology Xiaoqin Song 1

Research on the Essential Network Equipment Risk Assessment Methodology based on Vulnerability Scanning Technology Xiaoqin Song 1 International Conference on Informatization in Education, Management and Business (IEMB 2015) Research on the Essential Network Equipment Risk Assessment Methodology based on Vulnerability Scanning Technology

More information

Automating Security Testing. Mark Fallon Senior Release Manager Oracle

Automating Security Testing. Mark Fallon Senior Release Manager Oracle Automating Security Testing Mark Fallon Senior Release Manager Oracle Some Ground Rules There are no silver bullets You can not test security into a product Testing however, can help discover a large percentage

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Developers and the Software Supply Chain. Andy Chou, PhD Chief Technology Officer Coverity, Inc.

Developers and the Software Supply Chain. Andy Chou, PhD Chief Technology Officer Coverity, Inc. Developers and the Software Supply Chain Andy Chou, PhD Chief Technology Officer Coverity, Inc. About Andy CTO at Coverity since 2010 Co-founder at Coverity, 2003 From five guys in a garage to 280 employees

More information

elearning for Secure Application Development

elearning for Secure Application Development elearning for Secure Application Development Curriculum Application Security Awareness Series 1-2 Secure Software Development Series 2-8 Secure Architectures and Threat Modeling Series 9 Application Security

More information

The Security Development Lifecycle

The Security Development Lifecycle The Security Development Lifecycle Steven B. Lipner Director of Security Engineering Strategy Security Business and Technology Unit Microsoft Corporation Context and History 1960s penetrate and patch 1970s

More information

CA Vulnerability Manager r8.3

CA Vulnerability Manager r8.3 PRODUCT BRIEF: CA VULNERABILITY MANAGER CA Vulnerability Manager r8.3 CA VULNERABILITY MANAGER PROTECTS ENTERPRISE SYSTEMS AND BUSINESS OPERATIONS BY IDENTIFYING VULNERABILITIES, LINKING THEM TO CRITICAL

More information

APPLICATION VIRTUALIZATION TECHNOLOGIES WHITEPAPER

APPLICATION VIRTUALIZATION TECHNOLOGIES WHITEPAPER APPLICATION VIRTUALIZATION TECHNOLOGIES WHITEPAPER Oct 2013 INTRODUCTION TWO TECHNOLOGY CATEGORIES Application virtualization technologies can be divided into two main categories: those that require an

More information

Reducing Application Vulnerabilities by Security Engineering

Reducing Application Vulnerabilities by Security Engineering Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information

More information

Vulnerability-Focused Threat Detection: Protect Against the Unknown

Vulnerability-Focused Threat Detection: Protect Against the Unknown Vulnerability-Focused Threat Detection: Protect Against the Unknown Vulnerabilities and threats are being discovered at a pace that traditional exploit-based attack detection technology cannot meet. Vulnerability-focused

More information

The Advantages of Block-Based Protocol Analysis for Security Testing

The Advantages of Block-Based Protocol Analysis for Security Testing The Advantages of Block-Based Protocol Analysis for Security Testing Dave Aitel Immunity,Inc. 111 E. 7 th St. Suite 64, NY NY 10009, USA dave@immunitysec.com February, 4 2002 Abstract. This paper describes

More information

Why should I care about PDF application security?

Why should I care about PDF application security? Why should I care about PDF application security? What you need to know to minimize your risk Table of contents 1: Program crashes present an opportunity for attack 2: Look for software that fully uses

More information

Manual vs. Automated Vulnerability Assessment: ACaseStudy

Manual vs. Automated Vulnerability Assessment: ACaseStudy Manual vs. Automated Vulnerability Assessment: ACaseStudy JamesA.KupschandBartonP.Miller Computer Sciences Department, University of Wisconsin, Madison, WI, USA {kupsch,bart}@cs.wisc.edu Abstract The dream

More information

Threat Modeling. Categorizing the nature and severity of system vulnerabilities. John B. Dickson, CISSP

Threat Modeling. Categorizing the nature and severity of system vulnerabilities. John B. Dickson, CISSP Threat Modeling Categorizing the nature and severity of system vulnerabilities John B. Dickson, CISSP What is Threat Modeling? Structured approach to identifying, quantifying, and addressing threats. Threat

More information

INTRODUCING isheriff CLOUD SECURITY

INTRODUCING isheriff CLOUD SECURITY INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.

More information

Driving Quality, Security and Compliance in Third- Party Code

Driving Quality, Security and Compliance in Third- Party Code Driving Quality, Security and Compliance in Third- Party Code Dave Gruber Director of Product Marketing, Black Duck Keri Sprinkle Sr Product Marketing Manager, Coverity Jon Jarboe Sr Technical Marketing

More information

WHITEPAPER. Nessus Exploit Integration

WHITEPAPER. Nessus Exploit Integration Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information

More information

Adobe Systems Incorporated

Adobe Systems Incorporated Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...

More information

Pattern Insight Clone Detection

Pattern Insight Clone Detection Pattern Insight Clone Detection TM The fastest, most effective way to discover all similar code segments What is Clone Detection? Pattern Insight Clone Detection is a powerful pattern discovery technology

More information

I Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation. Mathias Payer, ETH Zurich

I Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation. Mathias Payer, ETH Zurich I Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation Mathias Payer, ETH Zurich Motivation Applications often vulnerable to security exploits Solution: restrict application

More information

A Strategic Approach to Web Application Security The importance of a secure software development lifecycle

A Strategic Approach to Web Application Security The importance of a secure software development lifecycle A Strategic Approach to Web Application Security The importance of a secure software development lifecycle Rachna Goel Technical Lead Enterprise Technology Web application security is clearly the new frontier

More information

Security Vulnerability Management. Mark J Cox

Security Vulnerability Management. Mark J Cox Security Vulnerability Management Mark J Cox Responsibility & Accountability Unique challenges Many vendors all ship the same thing The vulnerabilities are there. The fact that somebody in the middle of

More information

Enterprise Computing Solutions

Enterprise Computing Solutions Business Intelligence Data Center Cloud Mobility Enterprise Computing Solutions Security Solutions arrow.com Security Solutions Secure the integrity of your systems and data today with the one company

More information

Modern Binary Exploitation Course Syllabus

Modern Binary Exploitation Course Syllabus Modern Binary Exploitation Course Syllabus Course Information Course Title: Modern Binary Exploitation Course Number: CSCI 4968 Credit Hours: 4 Semester / Year: Spring 2015 Meeting Days: Tuesday/Friday

More information

Solving the Software Quality Challenges of Agile Development

Solving the Software Quality Challenges of Agile Development Solving the Software Quality Challenges of Agile Development 2 Solving the Software Quality Risks of Agile Development Agile software development is a series of iterative and incremental development methods

More information

Guideline on Vulnerability and Patch Management

Guideline on Vulnerability and Patch Management CMSGu2014-03 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Vulnerability and Patch Management National Computer Board

More information

A Test Suite for Basic CWE Effectiveness. Paul E. Black. paul.black@nist.gov. http://samate.nist.gov/

A Test Suite for Basic CWE Effectiveness. Paul E. Black. paul.black@nist.gov. http://samate.nist.gov/ A Test Suite for Basic CWE Effectiveness Paul E. Black paul.black@nist.gov http://samate.nist.gov/ Static Analysis Tool Exposition (SATE V) News l We choose test cases by end of May l Tool output uploaded

More information

Case Study: Load Testing and Tuning to Improve SharePoint Website Performance

Case Study: Load Testing and Tuning to Improve SharePoint Website Performance Case Study: Load Testing and Tuning to Improve SharePoint Website Performance Abstract: Initial load tests revealed that the capacity of a customized Microsoft Office SharePoint Server (MOSS) website cluster

More information

Simplify security management in the cloud

Simplify security management in the cloud Simplify security management in the cloud IBM Endpoint Manager and IBM SmartCloud offerings provide complete cloud protection Highlights Ensure security of new cloud services by employing scalable, optimized

More information

COVERITY SCAN: 2013 OPEN SOURCE REPORT. Coverity Scan: 2013 Open Source Report

COVERITY SCAN: 2013 OPEN SOURCE REPORT. Coverity Scan: 2013 Open Source Report Coverity Scan: 2013 Open Source Report Coverity Scan: A Brief Introduction 2 Open Source is Eating the World 3 The State of Open Source Software Quality: C/C++ 6 Linux: Through the Years 12 Key Differences:

More information

Detecting SQL Injection Vulnerabilities in Web Services

Detecting SQL Injection Vulnerabilities in Web Services Detecting SQL Injection Vulnerabilities in Web Services Nuno Antunes, {nmsa, mvieira}@dei.uc.pt LADC 2009 CISUC Department of Informatics Engineering University of Coimbra Outline n Web Services n Web

More information

IPLocks Vulnerability Assessment: A Database Assessment Solution

IPLocks Vulnerability Assessment: A Database Assessment Solution IPLOCKS WHITE PAPER February 2006 IPLocks Vulnerability Assessment: A Database Assessment Solution 2665 North First Street, Suite 110 San Jose, CA 95134 Telephone: 408.383.7500 www.iplocks.com TABLE OF

More information

- Table of Contents -

- Table of Contents - - Table of Contents - 1 INTRODUCTION... 1 1.1 TARGET READERS OF THIS DOCUMENT... 1 1.2 ORGANIZATION OF THIS DOCUMENT... 2 1.3 COMMON CRITERIA STANDARDS DOCUMENTS... 3 1.4 TERMS AND DEFINITIONS... 4 2 OVERVIEW

More information

Latest Trends in Testing. Ajay K Chhokra

Latest Trends in Testing. Ajay K Chhokra Latest Trends in Testing Ajay K Chhokra Introduction Software Testing is the last phase in software development lifecycle which has high impact on the quality of the final product delivered to the customer.

More information

Data Flow Static Code Analysis Best Practices

Data Flow Static Code Analysis Best Practices Data Flow Static Code Analysis Best Practices Introduction This paper examines why and how to add flow analysis to your existing testing strategies. After introducing the general concept and benefits of

More information

SAFECode Security Development Lifecycle (SDL)

SAFECode Security Development Lifecycle (SDL) SAFECode Security Development Lifecycle (SDL) Michael Howard Microsoft Matthew Coles EMC 15th Semi-annual Software Assurance Forum, September 12-16, 2011 Agenda Introduction to SAFECode Security Training

More information

MCAFEE FOUNDSTONE FSL UPDATE

MCAFEE FOUNDSTONE FSL UPDATE MCAFEE FOUNDSTONE FSL UPDATE 2012-JUN-13 To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and

More information

White Paper. Automating Your Code Review: Moving to a SaaS Model for Application Security

White Paper. Automating Your Code Review: Moving to a SaaS Model for Application Security White Paper Automating Your Code Review: Moving to a SaaS Model for Application Security Contents Overview... 3 Executive Summary... 3 Code Review and Security Analysis Methods... 5 Source Code Review

More information

Building Docker Cloud Services with Virtuozzo

Building Docker Cloud Services with Virtuozzo Building Docker Cloud Services with Virtuozzo Improving security and performance of application containers services in the cloud EXECUTIVE SUMMARY Application containers, and Docker in particular, are

More information

RACK911 Labs. Year in Review. May 6, 2014

RACK911 Labs. Year in Review. May 6, 2014 RACK911 Labs Year in Review May 6, 014 The security of the hosting industry has always been a concern of RACK911 and in May of 013 we decided to take a more proactive role by creating a new brand called

More information

Software Security. Software Security Touchpoints. Touchpoints. March 27, 2006. March 27, 2006. Three pillars of security. Risk Management.

Software Security. Software Security Touchpoints. Touchpoints. March 27, 2006. March 27, 2006. Three pillars of security. Risk Management. Software Security Touchpoints March 27, 2006 March 27, 2006 Three pillars of security Software Security Risk Management Touchpoints Knowledge Architectural risk analysis Applied risk management Sometimes

More information

Now Is the Time for Security at the Application Level

Now Is the Time for Security at the Application Level Research Publication Date: 1 December 2005 ID Number: G00127407 Now Is the Time for Security at the Application Level Theresa Lanowitz Applications must be available, useful, reliable, scalable and, now

More information

- An Essential Building Block for Stable and Reliable Compute Clusters

- An Essential Building Block for Stable and Reliable Compute Clusters Ferdinand Geier ParTec Cluster Competence Center GmbH, V. 1.4, March 2005 Cluster Middleware - An Essential Building Block for Stable and Reliable Compute Clusters Contents: Compute Clusters a Real Alternative

More information

Source Code Security Analysis Tool Functional Specification Version 1.1

Source Code Security Analysis Tool Functional Specification Version 1.1 Special Publication 500-268 v1.1 Source Code Security Analysis Tool Functional Specification Version 1.1 Paul E. Black Michael Kass Michael Koo Elizabeth Fong Software and Systems Division Information

More information

Software security specification and verification

Software security specification and verification Software security specification and verification Erik Poll Security of Systems (SoS) group Radboud University Nijmegen Software (in)security specification and verification/detection Erik Poll Security

More information

State of Web Application Security

State of Web Application Security State of Web Application Security Executive Summary Sponsored by Cenzic & Barracuda Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2011 Ponemon Institute Research

More information

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target

More information

Application Security: What Does it Take to Build and Test a Trusted App? John Dickson, CISSP Denim Group

Application Security: What Does it Take to Build and Test a Trusted App? John Dickson, CISSP Denim Group Application Security: What Does it Take to Build and Test a Trusted App? John Dickson, CISSP Denim Group Overview What is Application Security? Examples of Potential Vulnerabilities Potential Strategies

More information

CHAPTER 5 INTELLIGENT TECHNIQUES TO PREVENT SQL INJECTION ATTACKS

CHAPTER 5 INTELLIGENT TECHNIQUES TO PREVENT SQL INJECTION ATTACKS 66 CHAPTER 5 INTELLIGENT TECHNIQUES TO PREVENT SQL INJECTION ATTACKS 5.1 INTRODUCTION In this research work, two new techniques have been proposed for addressing the problem of SQL injection attacks, one

More information

Braindumps.C2150-810.50 questions

Braindumps.C2150-810.50 questions Braindumps.C2150-810.50 questions Number: C2150-810 Passing Score: 800 Time Limit: 120 min File Version: 5.3 http://www.gratisexam.com/ -810 IBM Security AppScan Source Edition Implementation This is the

More information

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division

More information

Abstract. Introduction. Summary

Abstract. Introduction. Summary Analyzing the Effectiveness and Coverage of Web Application Security s By Larry Suto Application Security Consultant San Francisco October, 2007 Abstract This paper summarizes my study of web application

More information

Software security. Buffer overflow attacks SQL injections. Lecture 11 EIT060 Computer Security

Software security. Buffer overflow attacks SQL injections. Lecture 11 EIT060 Computer Security Software security Buffer overflow attacks SQL injections Lecture 11 EIT060 Computer Security Buffer overflow attacks Buffer overrun is another common term Definition A condition at an interface under which

More information