Application Security & Software Protection
Network & System Security
Two popular approaches to application security are "build-it-right" and "remediation." SwRI engineers are developing new approaches that fall within these two areas.
New approaches to application security and software protection that are easily integrated into the development lifecycle and do not require application developers to be experts in security are being actively researched and developed by Southwest Research Institute (SwRI) engineers.
Addressing Security Threats
Addressing security threats during the development lifecycle can be more effective in improving security robustness and controlling costs than waiting until after deployment. SwRI is developing countermeasures for many threats that can be addressed during development such as:
- Buffer overflow and format string
- SQL injection
- Cross-site scripting
- Code obfuscation and data dithering
- Authentication and encryption
- Role-based access control
- Denial of service
Build-It-Right and Remediation
Two popular approaches to application security are "build-it-right" and "remediation." SwRI engineers are developing new approaches that fall within these two areas:
Application Security and Protection Services
SwRI provides many application security and software protection services such as:
- Customized security aware libraries and frameworks
- Customized security or privacy static analysis with "fight through" capabilities
- Trade study analysis and evaluations
Related Terminology
static analysis • dynamic dataflow analysis • secure middleware • SQL injection • cross-site scripting • tamper-proof software • code obfuscation • data dithering • role-based access control • denial of service • information assurance • software assurance • MILS
