Webappsec->General
On Website Security
November 08, 2012
So websites – even really large ones have some serious security flaws and it’s disturbing. Yet they don’t seem to care much. Guys like Troy Hunt are doing a great job bringing these issues to light. In this video Girl Cynic and I ponder over some of these issues...
Comments (0)
Video: Do I Have to Secure All My Applications?
September 24, 2012
Attackers take advantage of any externally facing web application. If you think about a web application is not mission because it’s not touching data and if there is a SQL Injection vulnerability that exists in there attackers can use that to gain a foothold inside the network...
Comments (0)
Securing Enterprise Communications Systems and Applications
April 27, 2012
Javvad Malik caught up with Rahul Sasi at Black Hat Europe 2012 to learn about securing automated enterprise communications systems and applications against sophisticated hacking attack techniques. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
On Input Validation
December 29, 2011
Input validation is a good security principle based on your application looking at what’s being asked of it and deal in a secure manner. It’s not always fool proof, but goes a long way...
Comments (0)
Hacker Halted: Jeremiah Grossman on Hacking Websites
November 06, 2011
"Fundamentally the answer to the software security question can be found through metrics. By carefully tracking and analyzing metrics, very particular key performance indicators (KPIs), an organization can determine where resources would be best invested..."
Comments (0)
Granular Application Control Drives Next Gen Firewalls
May 18, 2011
Web apps in particular have become a nightmare for IT staff. Should users be allowed to use Twitter, URL shorteners like bit.ly or ur1.ca, or even Facebook? And if they do what should they be allowed to do within the app? Posting updates is one thing. Playing Mafia Wars is another...
Comments (0)
RSA: Online Trust Alliance President Craig Spiezle
February 17, 2011
Anthony M. Freed interviews Craig Speizle with the Online Trust Alliance (OTA). Prior to OTA, Craig spent over a decade at Microsoft, as Director of Security & Privacy Product Management for Internet Explorer, driving the development of anti-spam, anti-phishing, anti-malware and privacy enabling technologies. Spiezle has held various marketing and managerial positions including international c...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)