WebApp Sec mailing list archives

Re: Academic papers on Web application security


From: "mike andrews" <mike.bugbox () gmail com>
Date: Wed, 7 Jun 2006 19:59:28 -0700

Probably not exactly what you are after, but the next issue of IEEE
Security and Privacy magazine is specifically on web application
security.  I mention it, because some of the other people on this
mailing list may be interested.

http://www.computer.org/security

All articles for IEEE are peer-reviewed (this issue no exception), but
as usual for a special issue I invited people to write on particular
topics (an open call went out ages ago, although I had very few
proposals back - I picked these as I thought they would link together
to tell a good "story").  We have...

* JD Meier on Web Application Security Engineering - the do's and
don'ts of developing secure apps

* John Viega and Jerry Epstine's When bad things happen to good web
services - if a developer were to pick up "standards-based" technology
and use it can they be more or less secure?

* Mark Curphey and Rudolph Araujo look at the pros and cons of QA
security tools

* Denis Verdon discusses how to CYA against the potential legal
fallout of a bad web app through policies.


Cheers,
Mike.

On 6/6/06, Benjamin Livshits <livshits () cs stanford edu> wrote:
I recently put together a list of academic peer-reviewed publications in the
field of Web application security:

       http://suif.stanford.edu/~livshits/work/griffin/lit.html

Let me know if there are other papers I should add.

-Ben


-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. Change the way you
think about application security testing - See for yourself.
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------




