ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/reg/register.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    Top 25 programming errors revealed

Experts and security vendors around the world finally have a measuring stick to help decide whether software is vulnerable to attack.

By Asavin Wattanajantra, 13 Jan 2009 at 15:11

Security experts in Europe and the US have joined forces to create a list of the top 25 most dangerous programming errors.

The result of a collaboration between the SANS Institute, MITRE, and experts in software security, the list presents detailed descriptions of the top 25 programming errors, as well as guidance in avoiding and dealing with them.

The aim of the top 25 list is to prevent vulnerabilities at source, by educating programmers about common mistakes which are made before software has been shipped. Such flaws were dangerous because they frequently allow attackers to take over software and prevent it from working, or let them steal data.

Software managers and CIOs were advised to use the top 25 list as a “measuring stick” which could help them secure their software.

Chief technology officer for Core Security, Ivan Arce, said that the top 25 list was the first serious attempt at building a classification of software security weaknesses and flaws.

“It is a necessary and long overdue step towards creating a common language for the software development and security communities," he said in a statement.

“They are in need of a more rational way to address which are currently the most urgent and relevant software security problems.”

A whole range of vendors - including Microsoft, Symantec, EMC, McAfee and Verisign - gave their support to the project.

Email to a friend

Print this page

Be the first to comment on this article

You need to Login or Register to comment.

    You may also like...

advertisement

    Latest Security Features

Sir Joseph Pilling

Q&A: The ID card commissioner talks cards and controversy

We spoke to ID card commissioner Sir John Pilling about his thoughts on the identity scheme and why we might all think he's a bit of prat down the line.

Read more

 

More Security Features

    Latest Security Reviews

Symantec Backup Exec 2010

Symantec Backup Exec 2010 review

Rating: 5

It’s been a long wait but Symantec finally adds deduplication to its flagship Windows backup software. We put the latest Backup Exec 2010 to the test to see what storage savings it can deliver.

Read more

 

More Security Reviews

advertisement

    Most popular

    Latest News Videos in Security

Rik Ferguson, Trend Micro

Video: Why security is everybody's responsibility

Play Video: Why security is everybody's responsibility   Play

Rik Ferguson, senior security advisor at Trend Micro says it's up to all of us to make security work.

 

    Blogs

Fat behaviour of Thin Clients with RemoteFX

Fat behaviour of Thin Clients with RemoteFX

Read more

 

    Whitepapers

Want more background on today's hottest IT trends?

Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.

    Register for IT PRO

You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Advertisement
{* ======================================= TRACKING IMAGES ======================================= Tracking images and img counters go below here. REMOVE WHEN TAKING OFF THE SKIN!! *} {literal}