This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Podcast 8
OWASP NEWS
Recording TBD
OWASP AppSec News
http://www.suspekt.org/2009/02/06/some-facts-about-the-phplist-vulnerability-and-the-phpbbcom-hack/
http://hackedphpbb.blogspot.com/2009/01/place-holder.html
http://www.owasp.org/index.php/Category:OWASP_Scrubbr
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
http://michael-coates.blogspot.com/2009/02/xss-prevention.html
While many of you may be familiar with the ha.ckers.org RSnake XSS Cheat Sheet, Michael Coates talks about the advantages of the OWASP XSS Prevention Cheat Sheet. He says it's cool because it addresses: Injecting Up vs Injecting Down, Attribute Escaping, Javascripting Escaping, CSS Escaping, and URL Escaping
http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx
Bryan Sullivan and Michael Howard put together some information about the Top 25 Most Dangerious programming errors on the SDL blog, including a mapping of the Microsoft SDL to each Common Weakness, or CWE, and how to best address each weakness through education, threat-modeling, a specific Microsoft tool, and/or manual review
http://denimgroup.typepad.com/denim_group/2009/01/owasp-san-antonio-slide-deck-online.html
http://keepitlocked.net/archive/2009/01/27/socalcodecamp-presentation-quot-top-ten-tips-for-tenacious-defense-for-asp-net-application-quot.aspx
http://www.cgisecurity.com/2009/01/web-application-scanners-comparison.html
http://shreeraj.blogspot.com/2009/01/infosecworld-08-presenting-research.html
http://www.cigital.com/justiceleague/2009/01/22/let-the-posturing-begin/
http://nickcoblentz.blogspot.com/2009/01/owasps-xss-prevention-cheat-sheet.html
http://jobsearchtech.about.com/od/educationfortechcareers/g/CSSLP.htm
http://ounceopen.squarespace.com
http://research.zscaler.com
