Taxonomy of Application Security

Application Security Tools.txt
"External" Tools
  Network Scanners
  Web Application Scanners
  Web Services Scanners
  Dynamic Analysis Tools

"Internal" Tools
  Software Requirements Verifiers 
  Software Design/Model Verifiers
  Compilers
  Static Source Code Scanners
  Static Byte Code Scanners
  Static Binary Code Scanners
  Database Scanners
Security Vulnerabilities.txt
Encryption Policy  
Connection Acceptance Policy 
Syntax Checking Policy
Authentication Protocol
Access Control Policy
Semantics Checking Policy
Obscurity Policy
Logging Policy
Code Quality

External links:

  • taxonomy of vulnerabilities