Tweet What is it and why should I care? This is a bit of a follow-up to my last post with a bit of a different viewpoint. In that post, I specifically looked at code reuse from the perspective of creating an internal framework to centralize code related to security functionality. This week, I want […]
Tweet What is it and why should I care? Software reuse is a ubiquitous practice in software development. One study says that “80% of the code in today’s applications comes from libraries and frameworks”. That’s a lot. There is already a lot of research about software reuse and its benefits. While the research exists, there’s […]
Tweet What is it and why should I care? Cross-Site Scripting (XSS) is another issue that is caused because of poor code/data separation. The general issue is that a developer intends the user input to be interpreted as data, but an attacker can manipulate the input to cause the browser to interpret the input as […]
Tweet What is it and why should I care? SQL Injection (SQLi) is an issue that is caused because of poor code/data separation. The general issue is that a developer intends the user input to be interpreted as data, but an attacker can manipulate the input to cause the database to interpret the input as […]