Taxonomy of Application Security

Application Security Tools.txt

”External” Tools
  Network Scanners
  Web Application Scanners
  Web Services Scanners
  Dynamic Analysis Tools
 
"Internal” Tools
  Software Requirements Verifiers 
  Software Design/Model Verifiers
  Compilers
  Static Source Code Scanners
  Static Byte Code Scanners
  Static Binary Code Scanners
  Database Scanners

Security Vulnerabilities.txt

Encryption Policy  
Connection Acceptance Policy 
Syntax Checking Policy
Authentication protocol
Access Control Policy
Semantics checking policy
Obscurity policy 
Logging policy
Code quality

External links:

taxonomy of vulnerabilities

taxonomy, software, security