This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Podcast 2

From OWASP
Revision as of 22:03, 17 December 2008 by Arshan (talk | contribs)

Jump to: navigation, search

OWASP Podcast Series #2

Recording December 20, 2008

Participants 

- Stephen Craig Evans
- Jim Manico is a Web Application Architect and Security Instructor for Aspect Security.

OWASP News 

- December 15, 2008 - Breaking Google Gears' Cross-Origin Communication Model 
- December 10, 2008 - Vulnerability in Internet Explorer Could Allow Remote Code Execution
- December 8, 2008 - 4 XSS flaws hit Facebook

Interview withStephen Craig Evans 

- OWASP Summer of Code project, "Securing WebGoat using ModSecurity"

arshan: http://googleonlinesecurity.blogspot.com/2008/12/native-client-technology-for-running.html also looks like crazy news running native code over the web if your code passes a static analysis check is the static analyzer using whitelist or blacklist rules? bypass = arbitrary native code, by design fukami had some interesting findings in bypassing binary analysis (in flash, but still interesting) http://googleonlinesecurity.blogspot.com/2008/12/announcing-browser-security-handbook.html thats big news michael zalewski dumped core


Sent at 4:50 PM on Wednesday jim: one sec, brb


Sent at 4:50 PM on Wednesday jim: have you seed https://www.owasp.org/index.php/Podcast_2 seen... edit it man edit it its crying to be edited


arshan: you want me to put my zings up there? it will be lame - we don't even need nodes notes* imho


jim: please


arshan: why listen when you can read the notes


jim: bring on the magic arshan juice dont hold back


arshan: makes it look so pre planned


jim: first, you need to goto owasp.org and press the "login" button in the upper right

Retrieved from "https://wiki.owasp.org/index.php?title=Podcast_2&oldid=49481"