Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Web Application Best Practices

From: dave <dave () immunitysec com>
Date: Fri, 18 Jun 2004 14:58:21 -0400
So as far as I can tell, there's no single document that has a coherent "Best Practices" for web application security at the CISO level. There's lots of things that tell you what ASP.NET API to use to avoid SQL Injection, but nothing high level. Anyways, so I wrote a talk for the OWASP AppSec conference this weekend that was supposed to be me picking the current Best Practices documents apart, but since there wern't any, I had to write them first.
Hopefully no one will laugh too hard when I present what I've got. But if you're in town, feel free to come give it a look-see. :>
Ooh, I also got structures working for MOSDEF, and wrote a generic fix_heap shellcode for Windows. So it's not all .sxi slideshows and 8a paperwork. 

-dave


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: