The first article of the new year concerns the flourishing WebAppSec community and its guidance effort targeting developers and consumers alike. The threat of web application vulnerabilities is now a commonplace theme in this new day. Over the last ten years, the advent of the information security community, something previously overlooked, has been its gradual embracing of the need for web application security as data, handling and formatting become more dynamic. The community has turned itself 180 degrees from reactive to proactive, albeit without a widely adopted standardization in responsibility / disclosure (which in itself has led to a significant rise in baseless, malicious disclosures by the 13-year-old next door, savvy with his laptop and his illegitimate copy of AppScan). Continue reading ‘WebAppSec and Consumer Ignorance’
Worth Reading
- Phishing Site in Email - I was looking at a phishing email last night for OANDA FXTrade. At first glance I could see something a little different about it. Instead of linking directly to the phishing site in the email, it
- Interview with The Bug Magazine - About a month or so ago I did an email interview with an online ezine known as The Bug Magazine. They are based in Brazil so most of the magazine is in Portuguese however the editors graciously