WebApp Sec mailing list archives
Re: SOA / Web Services security
From: Petko Petkov <ppetkov () gnucitizen org>
Date: Tue, 29 Nov 2005 14:32:15 +0000
Hi sk00t, Web Service Security is one of the gray areas in the computer security industry. There aren't any good tutorials and information sources that are showing practical examples how to break WS. Don't try to read Hacking Exposed or any other book. I suggest to go and read W3 website, mainly the SOAP, WSDL and XML-RPC sections. You also need to learn about XSD and XSI. You can check my website as well: http://www.gnucitizen.org. I will soon put some practical examples on the topic. Cheers! sk00t wrote:
Can someone on the list point me to some good links / books on SOA / Web Services security? This is a relatively new area for me, so I'm not sure if any widely adopted standards exist yet... I'm working on a Forum implementation and need to write some standards / templates for how we deploy SOAP apps. TIA, --sk00t
Current thread:
- SOA / Web Services security sk00t (Nov 29)
- Re: SOA / Web Services security Petko Petkov (Nov 29)
- Re: SOA / Web Services security Eoin Keary (Nov 30)
- Re: SOA / Web Services security Rogan Dawes (Nov 30)
- <Possible follow-ups>
- Re: Re: SOA / Web Services security native (Dec 04)
- Re: SOA / Web Services security Petko Petkov (Nov 29)