Best of Application Security (Friday, Jan. 22)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.

• Is APT After You?
• Microsoft: Introducing Quick Security References (QSRs)
• Missed pages and the usefulness of "site maps" for web app vuln scanning
• Private browsing in Flash Player 10.1
• Presentation about WAFs in the cloud
• How Often Should I Reassess My Web Applications?
• A Fantasy Explanation of Standard vs. Blind SQL Injection
• Researcher demos clickjacking attack on Facebook
• Analysis of 32 million breached passwords
• The Fallacy of Secure Software