|
|
| (63 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| − | ; '''Aug 28 - [http://www.sdtimes.com/article/special-20060815-01.html Secure coding initiatives - Verdict: Don't start with tools]'''
| + | <IfLanguage Is="en"> |
| − | : Tools give a warped perspective on software security. They overemphasize stuff they're good at finding, and completely miss critical flaws. Get your people and process aligned on secure coding, and then it will be easy to see which tools really help you.
| + | This news feed is moderated by OWASP and will feature high-quality posts focused on application security that advance the field, provide useful insight, or are useful educational resources. |
| | + | </IfLanguage> |
| | + | <IfLanguage Is="es"> |
| | + | Estas noticias son moderadas por OWASP y mostrarán publicaciónes de alta calidad enfocadas en seguridad de aplicaciones de avanzada, proveen razonamiento profundo o son recursos educativos útiles. |
| | + | </IfLanguage> |
| | | | |
| − | ; '''Aug 22 - [http://www.wired.com/news/politics/privacy/1,71622-0.html The privacy debacle hall of shame]'''
| + | <owaspfeed/> |
| − | : "[The AOL screwup] may have been one of the dumbest privacy debacles of all time, but it certainly wasn't the first. Here are ten other privacy snafus that made the world an unsafer place."
| |
| − | | |
| − | ; '''Aug 22 - [http://www.infoworld.com/article/06/08/16/HNyahoosecurityplug_1.html Yahoo touches application security's third rail - encoding]'''
| |
| − | : "The problem was Yahoo Mail's handling of attachments. By creating an HTML attachment with different encoding schemes, one could have bypassed Yahoo Mail's security filter and executed malicious JavaScript code"
| |
| − | | |
| − | ; '''Aug 22 - [http://www.corsaire.com/white-papers/060816-assessing-java-clients-with-the-beanshell.pdf Nifty approach to rich Java client testing]'''
| |
| − | : "The BeanShell provides a convenient means of inspecting and manipulating a Java application during execution. This allows the security tester to bypass security controls on the client and verify the security controls on the server. It also allows for the automation of tedious tests such as brute force testing."
| |
| − | | |
| − | ; [[Application Security News|Older news...]]
| |
Latest revision as of 15:30, 6 May 2012
This news feed is moderated by OWASP and will feature high-quality posts focused on application security that advance the field, provide useful insight, or are useful educational resources.
<owaspfeed/>
