- A Glimpse Into the Future of Browser Security
- OWASP Interview with David Rice
- NSA comparison of source code analysis tools
- Web Application Security at the Edge is More Efficient Than In the Application
- We had some bugs, and it hurt us.
- Input Validation using the OWASP ESAPI
- Factoring Malware Into Your Web Application Design
- Gmail finally added CSRF protection to logins
- A Stick Figure Guide to the Advanced Encryption Standard (AES)
- 13 Things a Web Application Attacker Won't Tell You
Venture capitalist (Grossman Ventures https://grossman.vc), Internet protector and industry creator. Founded WhiteHat Security & Bit Discovery. BJJ Black Belt.
Friday, October 02, 2009
Best of Application Security (Friday, Oct. 2)
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
I think this one is pretty good too, but of course I am a little partial:
ReplyDelete"Turn Application Assessment Reports into Training Classes"
http://nickcoblentz.blogspot.com/2009/10/turn-application-assessment-reports.html
How come you missed this?
ReplyDeletehttp://vnhacker.blogspot.com/2009/09/flickrs-api-signature-forgery.html
13 Things a Web Application Attacker Won't Tell You - best !
ReplyDelete