[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [WEB SECURITY] Re: Good resources on Web 2.0

Hi Justin,

 

Imperva is hosting a webinar on March 14th that goes over Web 2.0
(including AJAX, RSS feeds, collaboration sites & mashups), Web 2.0
security risks, and mitigation techniques. You can sign up for it at
http://imperva.webex.com <http://imperva.webex.com/> . 

 

 

There are also some good resources on the web. For example, this article
covers AJAX security issues: http://www.securityfocus.com/infocus/1868.
And the new OWASP Top Ten 2007 candidate-while not developed for "Web
2.0" apps-covers many of the top Web 2.0 security threats like XSS &
CSRF. It's available at: http://www.owasp.org/index.php/Top_10_2007 

 

Best regards,
Kasey 

 

________________________________

From: Dinis Cruz [mailto:dinis@xxxxxxxxxx] 
Sent: Thursday, March 08, 2007 9:56 PM
To: crazy frog crazy frog
Cc: michaelslists@xxxxxxxxx; websecurity@xxxxxxxxxxxxx;
full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web
2.0

 

There is a good search engine at the OWASP website.

Here is a search for Web 2.0 with results from owasp.org:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0+more:owasp-only&sa=Search&cof=FORID%3A9

and with results from web application security websites:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0&sa=Search&cof=FORID%3A9

Dinis Cruz
Chief OWASP Evangelist
http://www.owasp.org 

On 3/9/07, crazy frog crazy frog <i.m.crazy.frog@xxxxxxxxx> wrote:

secgeeks.com
cgisecurity.com
webappsec.com
securityfocus.com
www.plynt.com

On 3/9/07, Michael Silk <michaelslists@xxxxxxxxx> wrote:
> On 3/9/07, Justin Boem <ktriv3di@xxxxxxx > wrote:
> >
> >
> > List,
> >
> > I am looking for some good resources on Web 2.0 and Security. I know
this
> is a huge topic, but any references to good books, articles, websites,

> tools, etc would be great
>
> "web 2.0" security is the same as any other type of web security. the
same
> principles apply.
>
> >
> >
> > Thanks
> > _______________________________________________ 
> > Full-Disclosure - We believe in it.
> > Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
>
> --
> mike
> 00110001 <3 00110111
> _______________________________________________
> Full-Disclosure - We believe in it. 
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 
>


--
---------------------------------------
http://www.secgeeks.com
get a blog on secgeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secgeeks.com/node/feed
Submit you security articles,send them to secgeek@xxxxxxxxxxxx 

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------

------------------------------------------------------------------------
---- 
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/ 

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/