Subscribe

Category Archive for 'Web Application'

News Flash: NoScripts Helps Fight Clickjacking 0-Day

Posted in Clickjacking, News, NoScript, OWASP, Web Application on Sep 26th, 2008

Robert “RSnake” Hansen and Jeremiah Grossman were to present at OWASP AppSec NY 2008. Unfortunately, their presentation involving clickjacking was effectively canceled at the request of the vendor Adobe. In addition to Adobe, RSnake and Grossman have discussed the vulnerability with Microsoft and Mozilla. OWASP ended up having a clickjacking 20-Questions session [...]

Read Full Post »

Risk Assessment: A Starting Point

Posted in COBIT, ISACA, Mind Maps, NIST, Risk, Security Catalyst, Web Application on Sep 22nd, 2008

Recently I was asked if I could provide a few pointers to help in developing a risk assessment process for an organization. I thought I would share my response. First, I would like to draw your attention to the mind map image over to the left of this text. The mind map [...]

Read Full Post »

Implementing a Web Application Firewall with ModSecurity

Posted in Apache, Application, Defense in Depth, Mac OS X, ModSecurity, Open Source, Web Application on Jul 31st, 2008

There are a few topics I have meant to do a post on for awhile. Sometimes having too much interest and information on a topic can be a bad thing. Wanting to pull various postings and articles along with implementation instructions can be a bit time consuming. Plus, in order to demonstrate [...]

Read Full Post »

Older Posts »