CWE. SANS Top 25 Most Dangerous Program- ming Errors Includes rules that find issues classified as Top 25 Most Dangerous Programming Errors of the CWE-SANS standard. NIST SAMATE Includes rules that find issues identified in the NIST SAMATE standard OWASP Top 10 Security Vulnerabilities Includes rules that find issues identified in OWASP’s Top 10 standard PCI Data Security Standard Includes rules that find issues identified in PCI Data Security Standard Security Assessment General test configuration that finds security issues IEC 62304 (Template) A template test configuration for applying the IEC 62304 Medical standard. Run NUnit Tests Runs NUnit Tests that are found in the scope of analysis Run NUnit Tests with coverage Runs NUnit Tests that are found in the scope of analysis and monitors coverage Calculate Application Coverage Processes the application coverage data to generate a coverage.xml file. See “Application Coverage for Web Applications”, page 43 for additional information. Execute MSTests with Coverage Executes MSTests and collects coverage. See “Running MSTest Tests”, page 36, for more information. Execute MSTests Executes MSTests. See “Running MSTest Tests”, page 36, for more information. Collect Static Coverage Generates the static coverage data necessary for application coverage. See “Application Cov- erage for Web Applications”, page 43, for details. Creating Custom Rules Use RuleWizard to create custom rules. To use the rule in the Static Analysis Engine, it needs to be enabled in a test configuration and the custom rule file must be located in one of the following directo- xxxx: • [INSTALL_DIR]\rules\user\ • [DOCUMENTS DIR]\Parasoft\[engine]\rules where [DOCUMENTS DIR] refers to the "My Documents" directory in Windows Defining Test Scope The test scope refers to the file or set of files for testing. Use the -resource switch followed by a path in the solution to define the scope. Do not use file system paths to define the scope. Use the Visual Studio Solution Explorer path instead. If you are running analysis from your IDE, a source file that is open in the active editor has higher prior- ity than resources defined with Solution Explorer and only this file will be analyzed. Testing a Single Project in a Solution dottestcli.exe -solution "C:\Devel\FooSolution\FooSolution.sln" -resource "FooSolution/QuxProject" -config "builtin://Demo" -report "C:\Report" Testing a Single Directory of Files in a Project dottestcli.exe -solution "C:\Devel\FooS...
CWE. 326 Description: Web servers can be configured to automatically list the contents of directories that do not have an index page present. This can aid an attacker by enabling them to quickly identify the resources at a given path, and proceed directly to analyzing and attacking those resources. It particularly increases the exposure of sensitive files within the directory that are not intended to be accessible to users, such as temporary files and crash dumps. Directory listings themselves do not necessarily constitute a security vulnerability. Any sensitive resources within the web root should in any case be properly access-controlled, and should not be accessible by an unauthorized party who happens to know or guess the URL. Even when directory listings are disabled, an attacker may guess the location of sensitive files using automated tools. Threat Level: Low Solution: There is not usually any good reason to provide directory listings, and disabling them may place additional hurdles in the path of an attacker. This can normally be achieved in two ways:
CWE. 538, 548
CWE is conducting the savings and loan/banking business through its subsidiary, the Bank; Pulaski Financial is conducting the savings and loan/banking business through its subsidiary, Pulaski Bank; and, after the Merger of CWE with and into Acquisition, the merger of Acquisition with and into Pulaski Financial, and the merger of the Bank with and into Pulaski Bank, CWE’s historic business will be continued by Pulaski Financial which will also continue to use a significant portion of CWE’s historic business assets.
CWE. (2) is engaged in the business of providing network integration, technical support, and web-centric applications development services and related equipment (the "BUSINESS").
CWE. (2) has 1,000,000 shares of its common stock authorized, issued and outstanding (the "SHAREHOLDER SHARES"). The Shareholder Shares constitute all of the issued and outstanding capital stock of CWE(2). The Werths own 894,430 shares (the "XXXXX SHARES") of the Shareholder Shares.
CWE. (2) and the Werths, jointly and severally, hereby represent and warrant to NetLojix, as of the date hereof and as of the Closing Date, as follows:
CWE. (2). CWE(2) is a corporation duly organized, validly existing and in good standing under the laws of the State of Illinois. CWE(2) is not required to be qualified or licensed to do business in any jurisdiction other than the State of Illinois. CWE
CWE. (2) has delivered to NetLojix true and complete copies of all documents and summary plan descriptions with respect to such plans, agreements and arrangements, or summary descriptions of any such plans, agreements or arrangements not otherwise in writing.
CWE. (2) is in full compliance with the applicable provisions of ERISA (as amended through the date of this Agreement), the regulations and published authorities thereunder, and all other Laws applicable with respect to all such employee benefit plans, agreements and arrangements. CWE(2) has performed all of its obligations under all such plans, agreements and arrangements. To the best knowledge of CWE(2) and the Werths, there are no Actions (other than routine claims for benefits) pending or threatened against such plans or their assets, or arising out of such plans, agreements or arrangements, and, to the best knowledge of CWE(2) or the Werths, no facts exist which could give rise to any such Actions.
