Palisade Magazine
 
Threat Modeling

July 2004

Threat Modeling

by Sangita Pakala, GCIH

Threat modeling is a structured approach to identifying and planning mitigation for all the threats to any application. … more →

Authentication - Security Best Practices

by Roshen Chandran, CISSP

Authentication modules are the most exploited pieces in a web application. We look at ten good practices that ensure your authentication system is safe against an attack… more →

QuizQuiz: Encrypting passwords

The cryptographic technique to use for transmitting passwords during authentication is:

  1. Digital signature
  2. Symmetric encryption
  3. Hashing
  4. Salted Hash

more →

Review: Secure Coding: Principles & Practices

by Mark G. Graff, Kenneth R. van Wyk

We take a look at “Secure Coding: Principles & Practices” by Mark G. Graff and Kenneth R. van Wyk on essential principles of developing secure software … more →

On the blog recently

Past quizzes

  • Oct '08 : How does a web server specify the life time for a page to the browser's cache?
  • May '05 : How should I mask my web server's banners to get enhanced security?
  • Feb '07 : What sort of privilege on the log file does an application need to log transactions?
  • Aug '06 : An attacker enters a long nasty looking string into the date field. The input overwrites parts of the running program and executes commands on the server. What type of attack just took place?
  • Oct '04 : How can an application ensure that its pages are not cached or left on the client after a user has logged out?

Search this website

 Search website

Stay Informed

Want to know when the new issues are out? Just fill in your details, we will take care of notifying you when new issues are released:




Subscribe  Unsubscribe

Write to Us

All flowers, brickbats and suggestions are welcome. You can put in yours on the feedback page.

News & Events

  • 03.03.10. Binu Thomas, CTO Plynt, presented at the RSA Conference 2010 on the topic “Application Security Across the Enterprise: Lessons from the Trenches”. This is the fifth time Paladion has been invited to present here.
  • 25.12.09. Plynt has been selected as a finalist for Red Herring’s Global 100 award, a prestigious list honoring the year’s most promising private technology ventures from around the world.
  • 10.12.09. Deloitte Fast 50 India features Paladion 4 years in a row. The ranking of the 50 fastest growing technology companies places Paladion in the 19th spot.
  • 21.05.09. ICICI Bank and Paladion Have Been Awarded the Best Banking Security Systems Project by the Asian Banker IT Implementation Awards Program
  • 20.04.09. Info Security Products Guide Names Plynt Certification Program Winner of the 2009 Tomorrow’s Technology Today Award