Difference between revisions of "Template:Application Security News"
From OWASP
Line 1: | Line 1: | ||
+ | ; '''Sep 1 - [http://www.darkreading.com/document.asp?doc_id=109150 | ||
+ | Don't blame the browser]''' | ||
+ | : Client side applications are all intertwined, and a flaw in one may compromise the rest. But don't forget the web applications! | ||
+ | |||
; '''Oct 25 - [http://www.computerweekly.com/Articles/2006/10/23/219377/Microsoft+takes+Vista+security+to+a+new+level+using.htm Michael Howard's advice from OWASP AppSec Conference]''' | ; '''Oct 25 - [http://www.computerweekly.com/Articles/2006/10/23/219377/Microsoft+takes+Vista+security+to+a+new+level+using.htm Michael Howard's advice from OWASP AppSec Conference]''' | ||
: Michael argued convincingly for a comprehensive application security education program first, then use of tools, threat modeling, and code review. His presentation and all the rest are on the [[OWASP_AppSec_Seattle_2006/Agenda|conference page]] | : Michael argued convincingly for a comprehensive application security education program first, then use of tools, threat modeling, and code review. His presentation and all the rest are on the [[OWASP_AppSec_Seattle_2006/Agenda|conference page]] | ||
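Review bot: the link markup in the two added lines at the top of this hunk is split by a line break between the URL and its label ("Don't blame the browser]'''"), so the external link does not close on the line it opens on and the rendered entry shows a stray "]". Put the URL and the label on one line. The new entry is also dated Sep 1 but sits above the Oct 25 item in a list that otherwise runs newest first, so check the date or move the entry to its chronological position.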
Line 7: | Line 11: | ||
; '''Oct 19 - [http://msdn.microsoft.com/msdnmag/issues/06/11/default.aspx MSDN Magazine AppSec Issue]''' | ; '''Oct 19 - [http://msdn.microsoft.com/msdnmag/issues/06/11/default.aspx MSDN Magazine AppSec Issue]''' | ||
: Great articles from Michael Howard and crew on Threat Modeling, SSO, Extending SDL, and an interesting article on SQL truncation attacks | : Great articles from Michael Howard and crew on Threat Modeling, SSO, Extending SDL, and an interesting article on SQL truncation attacks | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
; [[Application Security News|Older news...]] | ; [[Application Security News|Older news...]] |
Revision as of 17:01, 5 November 2006
- Sep 1 - Don't blame the browser
- Client-side applications are all intertwined, and a flaw in one may compromise the rest. But don't forget the web applications!
- Oct 25 - Michael Howard's advice from OWASP AppSec Conference
- Michael argued convincingly for a comprehensive application security education program first, then use of tools, threat modeling, and code review. His presentation and all the rest are on the conference page.
- Oct 24 - Hackers get organized
- "Hackers have been breaking into customer accounts at large online brokerages in the United States and making unauthorized trades worth millions of dollars as part of a fast-growing new form of online fraud under investigation by federal authorities. E-Trade Financial Corp. said last week that "concerted rings" in Eastern Europe and Thailand caused their customers $18 million in losses in the third quarter alone. Another company, TD Ameritrade, the third-largest online broker, also has suffered losses from customer account fraud, but a spokeswoman declined to quantify the amount yesterday. "It is an industry problem. It does continue to grow."
- Oct 19 - MSDN Magazine AppSec Issue
- Great articles from Michael Howard and crew on Threat Modeling, SSO, Extending SDL, and an interesting article on SQL truncation attacks.