
Coding Errors that Affect Security: Sort by Language, Phyla, or Kingdom

Most developers work in several languages, but today’s economic climate and the pace of technological change mean they often have to pick up a new one quickly. Developers are typically fluent in the security pitfalls of the languages they know best and do their best to produce secure code, but the vulnerabilities specific to an unfamiliar language environment are usually far less well understood.

Enter Fortify, a software security company that has organized security issues both by vulnerability category and by language, so developers can quickly see which kinds of coding errors have an impact on security in the language they happen to be using.

“By better understanding how systems fail, developers will better analyze the systems they create, more readily identify and address security problems when they see them, and generally avoid repeating the same mistakes in the future,” the company explains.

A Taxonomy of Coding Errors that Affect Security borrows its terminology from biology: individual vulnerability categories (for instance, Cross-Site Scripting and Buffer Overflow) are called phyla, and collections of categories that share a common theme are called kingdoms (for instance, Input Validation and Representation, the kingdom that contains both of those phyla).

According to the site, vulnerability phyla are classified into “seven plus one” pernicious kingdoms presented in the order of importance to software security:

  1. Input Validation and Representation
  2. API Abuse
  3. Security Features
  4. Time and State
  5. Errors
  6. Code Quality
  7. Encapsulation
  *. Environment

Important to note: kingdoms 1 through 7 cover security defects in the source code itself, while the eighth, Environment, which the taxonomy marks with an asterisk rather than a number, covers security issues that lie outside the code, such as how the application is configured and deployed.
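To make the first kingdom concrete, here is the Buffer Overflow phylum named above in both of its forms. This is an added example written for this article, not code from the page or from Fortify’s taxonomy; the function names and the 16-byte record size are assumptions chosen for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed record layout: a username of at most 15 characters plus the
 * terminating NUL. The size is an illustration, not taken from the page. */
#define NAME_LEN 16

/* Vulnerable form (kingdom: Input Validation and Representation,
 * phylum: Buffer Overflow). strcpy trusts the caller to keep `src`
 * shorter than NAME_LEN; any longer input writes past the end of `dst`
 * into whatever sits next to it on the stack. Kept only for comparison;
 * never call it with untrusted input. */
void copy_name_unchecked(char dst[NAME_LEN], const char *src)
{
    strcpy(dst, src);               /* no length check: this is the defect */
}

/* Hardened form: validate the length before copying and fail closed.
 * Returns true on success. On rejection `dst` is left as an empty string,
 * so a caller that ignores the result still holds a well-formed value. */
bool copy_name_checked(char dst[NAME_LEN], const char *src)
{
    /* memchr never scans past NAME_LEN bytes, so an unterminated or
     * over-long `src` cannot make the check itself read out of bounds.
     * A NUL must appear within the first NAME_LEN bytes, otherwise the
     * input (plus terminator) cannot fit. */
    const char *end = memchr(src, '\0', NAME_LEN);
    if (end == NULL) {
        dst[0] = '\0';
        return false;               /* too long: reject */
    }
    memcpy(dst, src, (size_t)(end - src) + 1);  /* includes the NUL */
    return true;
}

/* Convenience wrapper: does this input fit the record? */
bool name_accepted(const char *src)
{
    char name[NAME_LEN];
    return copy_name_checked(name, src);
}

int main(void)
{
    /* Constructed inputs: one that fits, one that would have overflowed
     * the unchecked version. */
    const char *ok  = "alice";
    const char *bad = "averyveryveryverylongusername";

    printf("%-32s -> %s\n", ok,  name_accepted(ok)  ? "accepted" : "rejected");
    printf("%-32s -> %s\n", bad, name_accepted(bad) ? "accepted" : "rejected");
    return 0;
}
```

The boundary is where this phylum usually bites: a 15-character name fits, a 16-character one does not, because the terminator needs its own byte. Checking the length and refusing the input is the fix; silently truncating is a different, weaker choice, since the truncated value may no longer mean what the user sent.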

Languages covered include ColdFusion, C/C++, C#/VB.NET/ASP.NET, HTML, Java/JSP, JavaScript, PHP, PL/SQL and T-SQL, Visual Basic/VBScript/ASP, web services, and XML.

A Taxonomy of Coding Errors that Affect Security was developed by the Fortify Software Security Research Group and Dr. Gary McGraw, and complete descriptions of each phylum, with source-code examples, are published on Fortify’s site.
