2009-06-29

Seven Pernicious Software Kingdoms

According to Tsipenyuk, Chess, and McGraw, there are Seven Pernicious Kingdoms of software security errors, though the authors directly acknowledge Miller in limiting themselves to seven. The kingdoms they list are:
  1. input validation and representation
  2. API abuse
  3. security features
  4. time and state
  5. errors
  6. code quality
  7. encapsulation
  8. environment
Yes, there are actually eight "kingdoms" listed.
