Security bug

From Wikipedia, the free encyclopedia

A security bug or security defect is a software bug that benefits someone other than intended beneficiaries in the intended ways.

Security bugs introduce security vulnerabilities by compromising one or more of:

Security bugs need not be identified, surfaced, or exploited to qualify as such.

Causes

Security bugs, like all other software bugs, stem from root causes that can generally be traced to either absent or inadequate:

Taxonomy

Security bugs generally fall into a fairly small number of broad categories that include:

Mitigation

See Software Security Assurance.
