Full Disclosure mailing list archives
Re: [WEB SECURITY] Re: Good resources on Web 2.0
From: "Kasey Cross" <kasey () imperva com>
Date: Fri, 9 Mar 2007 10:43:18 -0800
Hi Justin, Imperva is hosting a webinar on March 14th that goes over Web 2.0 (including AJAX, RSS feeds, collaboration sites & mashups), Web 2.0 security risks, and mitigation techniques. You can sign up for it at http://imperva.webex.com <http://imperva.webex.com/> . There are also some good resources on the web. For example, this article covers AJAX security issues: http://www.securityfocus.com/infocus/1868. And the new OWASP Top Ten 2007 candidate-while not developed for "Web 2.0" apps-covers many of the top Web 2.0 security threats like XSS & CSRF. It's available at: http://www.owasp.org/index.php/Top_10_2007 Best regards, Kasey ________________________________ From: Dinis Cruz [mailto:dinis () ddplus net] Sent: Thursday, March 08, 2007 9:56 PM To: crazy frog crazy frog Cc: michaelslists () gmail com; websecurity () webappsec org; full-disclosure () lists grok org uk Subject: Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web 2.0 There is a good search engine at the OWASP website. Here is a search for Web 2.0 with results from owasp.org: http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq lkety5e&q=web+2.0+more:owasp-only&sa=Search&cof=FORID%3A9 and with results from web application security websites: http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq lkety5e&q=web+2.0&sa=Search&cof=FORID%3A9 Dinis Cruz Chief OWASP Evangelist http://www.owasp.org On 3/9/07, crazy frog crazy frog <i.m.crazy.frog () gmail com> wrote: secgeeks.com cgisecurity.com webappsec.com securityfocus.com www.plynt.com On 3/9/07, Michael Silk <michaelslists () gmail com> wrote:
On 3/9/07, Justin Boem <ktriv3di () msn com > wrote:List, I am looking for some good resources on Web 2.0 and Security. I know
this
is a huge topic, but any references to good books, articles, websites,
tools, etc would be great "web 2.0" security is the same as any other type of web security. the
same
principles apply.Thanks _______________________________________________ Full-Disclosure - We believe in it. Charter:http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-- mike 00110001 <3 00110111 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- --------------------------------------- http://www.secgeeks.com get a blog on secgeeks :) register here:- http://secgeeks.com/user/register rss feeds :- http://secgeeks.com/node/feed Submit you security articles,send them to secgeek () secgeeks com http://www.newskicks.com Submit and kick for new stories from all around the world. --------------------------------------- ------------------------------------------------------------------------ ---- Join us on IRC: irc.freenode.net #webappsec Have a question? Search The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/ Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [WEB SECURITY] Re: Good resources on Web 2.0 Kasey Cross (Mar 09)
- Re: [WEB SECURITY] Re: Good resources on Web 2.0 bugtraq (Mar 11)
- Re: [WEB SECURITY] Re: Good resources on Web 2.0 czino2 (Mar 11)
- Re: [WEB SECURITY] Re: Good resources on Web 2.0 bugtraq (Mar 11)