| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Mar 2007 10:43:18 -0800
From: "Kasey Cross" <kasey@...erva.com>
To: "Dinis Cruz" <dinis@...lus.net>,
"crazy frog crazy frog" <i.m.crazy.frog@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, websecurity@...appsec.org
Subject: Re: [WEB SECURITY] Re: Good resources on Web 2.0
Hi Justin,
Imperva is hosting a webinar on March 14th that goes over Web 2.0
(including AJAX, RSS feeds, collaboration sites & mashups), Web 2.0
security risks, and mitigation techniques. You can sign up for it at
http://imperva.webex.com <http://imperva.webex.com/> .
There are also some good resources on the web. For example, this article
covers AJAX security issues: http://www.securityfocus.com/infocus/1868.
And the new OWASP Top Ten 2007 candidate-while not developed for "Web
2.0" apps-covers many of the top Web 2.0 security threats like XSS &
CSRF. It's available at: http://www.owasp.org/index.php/Top_10_2007
Best regards,
Kasey
________________________________
From: Dinis Cruz [mailto:dinis@...lus.net]
Sent: Thursday, March 08, 2007 9:56 PM
To: crazy frog crazy frog
Cc: michaelslists@...il.com; websecurity@...appsec.org;
full-disclosure@...ts.grok.org.uk
Subject: Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web
2.0
There is a good search engine at the OWASP website.
Here is a search for Web 2.0 with results from owasp.org:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0+more:owasp-only&sa=Search&cof=FORID%3A9
and with results from web application security websites:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0&sa=Search&cof=FORID%3A9
Dinis Cruz
Chief OWASP Evangelist
http://www.owasp.org
On 3/9/07, crazy frog crazy frog <i.m.crazy.frog@...il.com> wrote:
secgeeks.com
cgisecurity.com
webappsec.com
securityfocus.com
www.plynt.com
On 3/9/07, Michael Silk <michaelslists@...il.com> wrote:
> On 3/9/07, Justin Boem <ktriv3di@....com > wrote:
> >
> >
> > List,
> >
> > I am looking for some good resources on Web 2.0 and Security. I know
this
> is a huge topic, but any references to good books, articles, websites,
> tools, etc would be great
>
> "web 2.0" security is the same as any other type of web security. the
same
> principles apply.
>
> >
> >
> > Thanks
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
>
> --
> mike
> 00110001 <3 00110111
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
---------------------------------------
http://www.secgeeks.com
get a blog on secgeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secgeeks.com/node/feed
Submit you security articles,send them to secgeek@...geeks.com
http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------
------------------------------------------------------------------------
----
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists