(35 intermediate revisions by 4 users not shown) |
Line 1: |
Line 1: |
− | <!-- | + | <!-- post news stories on [[OWASP News]] and they'll get picked up here soon --> |
− | ; '''Mon ## - [[article]]'''
| |
− | : item
| |
− | --> | |
| | | |
− | ; '''Aug 14 - [http://www.iese.fraunhofer.de/download/Security-Checker-Tools-for-Web-Applications.pdf Detailed analysis of application security tools]''' | + | ; '''Ju1 13 - [[OWASP Newsletter 10]]''' |
− | : Holger Peine of the Fraunhofer Institute compares a number of free tools (WebScarab, Paros, Burp Suite, Spike Proxy), and commercial tools (AppScan, WebInspect, Acunetix). The methodology is quite detailed and uses OWASP's WebGoat and a 'normal' web application. | + | : $28K available, OWASP Moderated AppSec News Feed, OWASP on the Move Events |
| | | |
− | ; '''Aug 14 - [http://www.owasp.org/index.php/Image:Threat_modelling_of_pharming.doc When Phishing Evolves to Pharming] | + | ; '''Jun 10 - [[OWASP Newsletter 9]]''' |
− | : "Phishing is evolving into a new type of attack called pharming. Pharming redirects users to fraudulent websites seamlessly without any suspicious activity such as spam mail that asks a user to login at a website. This paper analyses possible vectors of pharming and creates a threat model for it with attack tree." OWASP would like to thank Cheong Kai Wee for the submission of this paper! [[:Category:OWASP_Papers|Click here]] for details on submitting your own paper to the [[:Category:OWASP_Papers|OWASP Papers Program]]. | + | : Top Ten 2007 FINAL!, More SPoC details, lots of pages updated |
| | | |
− | ; '''Jul 31 - [[:Category:OWASP CAL9000 Project|CAL9000 v1.1 released]]''' | + | ; '''Apr 17 - [[OWASP Newsletter 8]]''' |
− | : The in-browser JavaScript based web app testing framework has added enhanced encode/decode functions and several bugfixes.
| + | : OWASP SpoC projects selected, new OWASP WeBecki tool, OWASP Code Review project, OWASP updates and much more |
− | | |
− | ; '''Jul 31 - [[:Category:OWASP Honeycomb Project|Fortify donates vulnerability research to OWASP]]'''
| |
− | : Announcing a new extensive classification of software security vulnerabilities created and donated by Fortify Software Inc. The full set of vulnerabilities and the research that accompanies it is available in the [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Project]].
| |
− | | |
− | ; '''Jul 11 - [[OWASP AJAX Security Project|Two part interview on Ajax with OWASP's Andrew van der Stock]]'''
| |
− | : In this two part interview, Andrew discusses the key security threats facing Ajax applications and practical advice for securing them. "I expect more Ajax vulnerabilities and exploits to surface, and I expect researchers to come up with additional "new" flaws that need to be protected against."
| |
| | | |
| ; [[OWASP News|Older news...]] | | ; [[OWASP News|Older news...]] |
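Review bot: The added heading for Newsletter 10 reads "Ju1 13", with the digit 1 where the letter l belongs; it should be "Jul 13" to match the "Jun 10" and "Apr 17" entries below it. The added summaries also spell the same abbreviation two ways, "SPoC" in the Newsletter 9 item and "SpoC" in the Newsletter 8 item, so pick one. The removed entries carried the only links on this page to the Fraunhofer tool comparison PDF and the pharming paper; since the new comment directs contributors to [[OWASP News]], confirm those items are listed there so that "Older news..." still reaches them.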