|
|
| (53 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| − | ; '''Sep 26 - [http://www.nytimes.com/2006/09/27/technology/circuits/27goog.html Google hacking makes the NYT]'''
| + | <IfLanguage Is="en"> |
| − | : "Google acknowledges that its index can be misused. “Search engines reflect what is on the Web,” said Barry Schnitt, a Google spokesman. “We still work to try to prevent and stop exploits and encourage Webmasters to employ best practices and effective security for their Web sites.” On Google’s site you can find tips on how to remove sensitive data from its index, for example."
| + | This news feed is moderated by OWASP and will feature high-quality posts focused on application security that advance the field, provide useful insight, or are useful educational resources. |
| | + | </IfLanguage> |
| | + | <IfLanguage Is="es"> |
| | + | Estas noticias son moderadas por OWASP y mostrarán publicaciónes de alta calidad enfocadas en seguridad de aplicaciones de avanzada, proveen razonamiento profundo o son recursos educativos útiles. |
| | + | </IfLanguage> |
| | | | |
| − | ; '''Sep 21 - [http://searchappsecurity.techtarget.com/originalContent/0,289142,sid92_gci1216994,00.html WAFs not dead says Burton]'''
| + | <owaspfeed/> |
| − | : "The bottom line, though, is that installing a Web application firewall makes sense if you're willing to spend time tuning and understanding the rules. While Web application firewalls may come with some default rule sets, customers said they got the biggest bang when they understood their Web applications and how they worked."
| |
| − | | |
| − | ; '''Sep 21 - [http://www.uschamber.com/NR/rdonlyres/eyzkc6zyokejn5n64o7vpmgvqxyd7dodczrpuc5tpqzoinz5gq7mpy3puuct43h6cgtr4kf3hmpx6hugw5kiktflzyh/top_5_alert.pdf Visa: SQL injection confirmed as compromise leader]'''
| |
| − | : Visa has analyzed a their actual compromises and concluded that [[SQL injection]] is the most problematic application security problem. "A successful SQL injection attack can have serious consequences. SQL injection attacks can result in the crippling of the payment application or an entire e-commerce site."
| |
| − | | |
| − | ; '''Sep 21 - [http://www.zimbra.com/blog/archives/2006/09/securing_ajax.html Ajax more secure? Right.]'''
| |
| − | : This blog post argues "[[OWASP AJAX Project|Ajax]] applications can be made as highly-secure as the web technologies upon which the Ajax model is based." Even if that was the goal, it misses the point. The complexity and lack of tools for building and testing Ajax applications makes them ''far'' more difficult to assure.
| |
| − | | |
| − | ; '''Sep 21 - [http://www.marketwatch.com/news/story/story.aspx?guid=757B480B7BF64D068ED8D43AB42AC6FC&siteid=mktw&dist=nbk Fear of commitment]'''
| |
| − | : "According to a June 2006 survey of 400 U.S. based software developers that was commissioned by Symantec, an overwhelming 93 percent felt that secure application development was more of a priority now than three years ago. Also 70 percent indicated that their employers emphasize the importance of application security, 74 percent indicated that security was a high priority in their development process, yet only 29 percent stated that security was always part of the development process."
| |
| − | | |
| − | ; [[Application Security News|Older news...]]
| |
This news feed is moderated by OWASP and will feature high-quality posts focused on application security that advance the field, provide useful insight, or are useful educational resources.
