Skip to Content
0
Former Member
Dec 05, 2009 at 12:11 AM

BOE XI coding practices for Information Protection

23 Views

I am doing some end of year Informoation protection documentation tasks and need to get some verification of the following,

pertaining to Central Management Console and web report parameter pages for BOE XI (R1)

Vendors should verify in writing that the application has been coded to include transaction support for all updates to the database.

Vendors should verify in writing that the application has been coded to prevent SQL injection attacks

Vendors should verify in writing that the application has been coded to prevent buffer overruns. - Applications must be written to prevent buffer overruns by validating all input data for length.

If anyone knows of where this stuff is verified, I would apreciate it.

Thanks,

Dan Buegeleisen