Jeremiah Grossman

CEO of Bit Discovery, Professional Hacker, Black Belt in Brazilian Jiu-Jitsu, Off-Road Race Car Driver, Founder of WhiteHat Security, and Maui resident.

Friday, March 12, 2010

Best of Application Security (Friday, Mar. 12)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
  • Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
  • Three Steps to a Rational Security Budget
  • Hackvertor and JSReg
  • Multiple DOM-Based XSS in Dojo Toolkit SDK
  • Weak security ID questions put e-mail at risk
  • XSS demo for stealing passwords from the Firefox password manager
  • ...because you can't get enough of clickjacking
  • A gentle introduction to return-oriented programming
  • Facebook Adds Code for Clickjacking Prevention
  • Notes Richard Bejtlich OWASP Podcast
Posted by Jeremiah Grossman at 10:15 PM

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

About Me

My photo
Jeremiah Grossman
Jeremiah Grossman's career spans nearly 20 years and has lived a literal lifetime in computer security to become one of the industry's biggest names. He has received a number of industry awards, been publicly thanked by Microsoft, Mozilla, Google, Facebook, and many others for his security research. Jeremiah has written hundreds of articles and white papers. As an industry veteran, he has been featured in hundreds of media outlets around the world. Jeremiah has been a guest speaker on six continents at hundreds of events including many top universities. All of this was after Jeremiah served as an information security officer at Yahoo!
View my complete profile

Links

  • Jeremiah's Main Website
  • Twitter Profile
  • Facebook Profile
  • LinkedIn Profile

Total Pageviews

Profile

Profile

TEDxMaui

TEDxMaui

Brazilian Jiu-Jitsu

Brazilian Jiu-Jitsu

BobbleJer

BobbleJer

My 1964 Lincoln Continental

My 1964 Lincoln Continental

Subscribe

Posts
Atom
Posts
Comments
Atom
Comments

Blog Archive

  • ►  2020 (2)
    • ►  December (2)
  • ►  2018 (5)
    • ►  August (1)
    • ►  July (1)
    • ►  May (1)
    • ►  March (2)
  • ►  2017 (3)
    • ►  April (1)
    • ►  February (2)
  • ►  2016 (7)
    • ►  October (1)
    • ►  June (1)
    • ►  May (4)
    • ►  March (1)
  • ►  2013 (1)
    • ►  January (1)
  • ►  2012 (2)
    • ►  April (1)
    • ►  January (1)
  • ►  2011 (18)
    • ►  December (1)
    • ►  June (1)
    • ►  May (1)
    • ►  March (3)
    • ►  February (5)
    • ►  January (7)
  • ▼  2010 (62)
    • ►  December (9)
    • ►  November (2)
    • ►  October (1)
    • ►  September (3)
    • ►  August (2)
    • ►  July (5)
    • ►  June (5)
    • ►  May (3)
    • ►  April (3)
    • ▼  March (6)
      • Best of Application Security (Friday, Mar. 26)
      • Best of Application Security (Friday, Mar. 19)
      • PCI-SSC slaps ASVs wrists over marketing claims ab...
      • Best of Application Security (Friday, Mar. 12)
      • Password Managers, is this the best option user’s ...
      • Best of Application Security (Friday, Mar. 5)
    • ►  February (12)
    • ►  January (11)
  • ►  2009 (75)
    • ►  December (7)
    • ►  November (5)
    • ►  October (8)
    • ►  September (5)
    • ►  August (11)
    • ►  July (6)
    • ►  June (4)
    • ►  May (5)
    • ►  April (4)
    • ►  March (4)
    • ►  February (5)
    • ►  January (11)
  • ►  2008 (117)
    • ►  December (6)
    • ►  November (2)
    • ►  October (2)
    • ►  September (8)
    • ►  August (8)
    • ►  July (10)
    • ►  June (16)
    • ►  May (16)
    • ►  April (19)
    • ►  March (11)
    • ►  February (4)
    • ►  January (15)
  • ►  2007 (195)
    • ►  December (5)
    • ►  November (19)
    • ►  October (11)
    • ►  September (10)
    • ►  August (13)
    • ►  July (22)
    • ►  June (17)
    • ►  May (25)
    • ►  April (18)
    • ►  March (21)
    • ►  February (12)
    • ►  January (22)
  • ►  2006 (123)
    • ►  December (11)
    • ►  November (21)
    • ►  October (20)
    • ►  September (29)
    • ►  August (16)
    • ►  July (15)
    • ►  June (3)
    • ►  January (8)
  • ►  2005 (99)
    • ►  November (2)
    • ►  October (3)
    • ►  September (5)
    • ►  August (9)
    • ►  July (14)
    • ►  June (15)
    • ►  May (13)
    • ►  April (9)
    • ►  March (11)
    • ►  February (7)
    • ►  January (11)
  • ►  2004 (14)
    • ►  December (7)
    • ►  November (6)
    • ►  June (1)
  • ►  2001 (2)
    • ►  November (1)
    • ►  March (1)
Picture Window theme. Powered by Blogger.