Most computer system intrusions are a result of security vulnerabilities in applications. Detecting and identifying security vulnerabilities is of interest not only to security experts and system administrators, but also to intruders attempting to penetrate computer systems.
Once a new security vulnerability is detected, exploits for it can be created and intruders can penetrate a large number of systems on the Internet. This is a significant threat to all information system users.
There are several methods used to find new security vulnerabilities: source code analysis, binary file analysis (static and dynamic (runtime) analysis), runtime analysis of API functions, fuzzing methods (fault injection), and hybrid methods (various combinations of the above methods).
Using Fuzzing to Detect Security Vulnerabilities - IT Observer