Robert “RSnake” Hansen and Jeremiah Grossman were to present at OWASP AppSec NY 2008. Unfortunately, their presentation involving clickjacking was effectively canceled at the request of the vendor Adobe. In addition to Adobe, RSnake and Grossman have discussed the vulnerability with Microsoft and Mozilla. OWASP ended up having a clickjacking 20-Questions session [...]
Posted in COBIT, ISACA, NIST, OCEG, OWASP, Policies on Jun 2nd, 2007
“It will not do to leave a live dragon out of your plans if you live near one.”
– The Hobbit, J. R. R. Tolkien
Way back, before blogs existed, when there was only the cartoon version of The Hobbit, J. R. R. Tolkien was teaching children of my generation how to write good security plans. Many [...]
Posted in COBIT, OWASP, Web Application on Jan 20th, 2007
Next to my bed, I have the book, “Time Management for System Administrators” by Thomas A. Limoncelli. I highly recommend the book. I have to confess, I have not gotten very far into the book. I just have not had much time. I know, it sounds like a punch line. Well, [...]