Thursday, May 31, 2007

Blog interview with Ken from bloginfosec.com

During my travels I get to meet a lot of interesting people from all over the world with similar passions as my own (webappsec/aussie rules/jiu jitsu, the usual). On one such recent occasion I met Kenneth F. Belva after presenting for the 16th Annual NY Metro ISSA conference at the very posh and exclusive New York Athletic Club. After a few minutes of webappsec industry conversation I find out he reads my blog and is also a blogger himself (bloginfosec.com)! Cool. Ken asked if I'd like to do a follow-up interview blog-style asking my thoughts about CSRF, XSS, their importance, solutions, safe surfing habits, etc for his readers. The simple stuff that most developers, netizens, and website owners continue to grapple with. Sounded like fun. Its just been posted. Enjoy!

5 comments:

Anonymous said...

Great interview, I personally have just started to realize the impact that CSRF can have. Question for you, do you ever go to any conferences in canada?

Jeremiah Grossman said...

Thank you. Yah, CSRF is just one of those things that many knew about for a while, but then somehow caught us all of guard.

Canada? Not so far, but I'd love to. Recommendations?

Anonymous said...

I was hoping you had some! I want to start going to some security conferences but I don't think theres many hosted around here (london). I would love to be able to go to blackhat or something, but a plane ticket is outta the budget right now. Hopefully in the future.

Jeremiah Grossman said...

This is probably a good excuse to create a community based mash-up.... security conferences with Google maps. Hmmmm....

Jeremiah Grossman said...

I was notified though, by Dinis, that he's giving a high-end source code security review training class in your area. Maybe worth a look

http://www.ouncelabs.com/securityexperts/