Nothing Special   »   [go: up one dir, main page]

A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system. Security bugs introduce security vulnerabilities by compromising one or more of:

Security bugs do not need be identified nor exploited to be qualified as such and are assumed to be much more common than known vulnerabilities in almost any system.

Causes

edit

Security bugs, like all other software bugs, stem from root causes that can generally be traced to either absent or inadequate:[2]

Taxonomy

edit

Security bugs generally fall into a fairly small number of broad categories that include:[3]

Mitigation

edit

See software security assurance.

See also

edit

References

edit
  1. ^ a b "CWE/SANS TOP 25 Most Dangerous Software Errors". SANS. Retrieved 13 July 2012.
  2. ^ "Software Quality and Software Security". 2008-11-02. Retrieved 2017-04-28.
  3. ^ Alhazmi, Omar H.; Woo, Sung-Whan; Malaiya, Yashwant K. (Jan 2006). "Security vulnerability categories in major software systems". Proceedings of the Third IASTED International Conference on Communication, Network, and Information Security.

Further reading

edit