Message-ID: <9FF43BA408CE4042A41F3C33BFDFA45D02C9B323@exchange-ca.us.imperva.com>
Date: Fri, 9 Mar 2007 10:43:18 -0800
From: "Kasey Cross" <kasey@...erva.com>
To: "Dinis Cruz" <dinis@...lus.net>,
	"crazy frog crazy frog" <i.m.crazy.frog@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, websecurity@...appsec.org
Subject: Re: [WEB SECURITY] Re: Good resources on Web 2.0

Hi Justin,

Imperva is hosting a webinar on March 14th that goes over Web 2.0
(including AJAX, RSS feeds, collaboration sites & mashups), Web 2.0
security risks, and mitigation techniques. You can sign up for it at
http://imperva.webex.com.

There are also some good resources on the web. For example, this article
covers AJAX security issues: http://www.securityfocus.com/infocus/1868.
And the new OWASP Top Ten 2007 candidate, while not developed for "Web
2.0" apps, covers many of the top Web 2.0 security threats like XSS &
CSRF. It's available at: http://www.owasp.org/index.php/Top_10_2007

Best regards,
Kasey 

 

________________________________

From: Dinis Cruz [mailto:dinis@...lus.net] 
Sent: Thursday, March 08, 2007 9:56 PM
To: crazy frog crazy frog
Cc: michaelslists@...il.com; websecurity@...appsec.org;
full-disclosure@...ts.grok.org.uk
Subject: Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web
2.0

 

There is a good search engine at the OWASP website.

Here is a search for Web 2.0 with results from owasp.org:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxqlkety5e&q=web+2.0+more:owasp-only&sa=Search&cof=FORID%3A9

and with results from web application security websites:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxqlkety5e&q=web+2.0&sa=Search&cof=FORID%3A9

Dinis Cruz
Chief OWASP Evangelist
http://www.owasp.org 

On 3/9/07, crazy frog crazy frog <i.m.crazy.frog@...il.com> wrote:

secgeeks.com
cgisecurity.com
webappsec.com
securityfocus.com
www.plynt.com

On 3/9/07, Michael Silk <michaelslists@...il.com> wrote:
> On 3/9/07, Justin Boem <ktriv3di@....com > wrote:
> >
> >
> > List,
> >
> > I am looking for some good resources on Web 2.0 and Security. I know this
> > is a huge topic, but any references to good books, articles, websites,
> > tools, etc would be great
>
> "web 2.0" security is the same as any other type of web security. the same
> principles apply.
>
> >
> >
> > Thanks
> > _______________________________________________ 
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
>
> --
> mike
> 00110001 <3 00110111


--
---------------------------------------
http://www.secgeeks.com
get a blog on secgeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secgeeks.com/node/feed
Submit your security articles, send them to secgeek@...geeks.com

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------

