This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Application Security News"
From OWASP
| Line 13: | Line 13: | ||
; '''Sep 21 - [http://www.marketwatch.com/news/story/story.aspx?guid=757B480B7BF64D068ED8D43AB42AC6FC&siteid=mktw&dist=nbk Fear of commitment]''' | ; '''Sep 21 - [http://www.marketwatch.com/news/story/story.aspx?guid=757B480B7BF64D068ED8D43AB42AC6FC&siteid=mktw&dist=nbk Fear of commitment]''' | ||
: "According to a June 2006 survey of 400 U.S. based software developers that was commissioned by Symantec, an overwhelming 93 percent felt that secure application development was more of a priority now than three years ago. Also 70 percent indicated that their employers emphasize the importance of application security, 74 percent indicated that security was a high priority in their development process, yet only 29 percent stated that security was always part of the development process." | : "According to a June 2006 survey of 400 U.S. based software developers that was commissioned by Symantec, an overwhelming 93 percent felt that secure application development was more of a priority now than three years ago. Also 70 percent indicated that their employers emphasize the importance of application security, 74 percent indicated that security was a high priority in their development process, yet only 29 percent stated that security was always part of the development process." | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
; [[Application Security News|Older news...]] | ; [[Application Security News|Older news...]] | ||
Revision as of 00:31, 27 September 2006
- Sep 26 - Google hacking makes the NYT
- "Google acknowledges that its index can be misused. “Search engines reflect what is on the Web,” said Barry Schnitt, a Google spokesman. “We still work to try to prevent and stop exploits and encourage Webmasters to employ best practices and effective security for their Web sites.” On Google’s site you can find tips on how to remove sensitive data from its index, for example."
- Sep 21 - WAFs not dead says Burton
- "The bottom line, though, is that installing a Web application firewall makes sense if you're willing to spend time tuning and understanding the rules. While Web application firewalls may come with some default rule sets, customers said they got the biggest bang when they understood their Web applications and how they worked."
- Sep 21 - Visa: SQL injection confirmed as compromise leader
- Visa has analyzed a their actual compromises and concluded that SQL injection is the most problematic application security problem. "A successful SQL injection attack can have serious consequences. SQL injection attacks can result in the crippling of the payment application or an entire e-commerce site."
- Sep 21 - Ajax more secure? Right.
- This blog post argues "Ajax applications can be made as highly-secure as the web technologies upon which the Ajax model is based." Even if that was the goal, it misses the point. The complexity and lack of tools for building and testing Ajax applications makes them far more difficult to assure.
- Sep 21 - Fear of commitment
- "According to a June 2006 survey of 400 U.S. based software developers that was commissioned by Symantec, an overwhelming 93 percent felt that secure application development was more of a priority now than three years ago. Also 70 percent indicated that their employers emphasize the importance of application security, 74 percent indicated that security was a high priority in their development process, yet only 29 percent stated that security was always part of the development process."
