My Security Planet » CGISecurity.com: Your Web Site and Application Security Resource » September 2, 2008

Feeds

13607 items (0 unread) in 75 feeds

• Jeremy Zawodny's blog
• Mozilla Webdev
• Transcendental Technical Travails
• Ian Bicking: a blog
• Hackosis

WebSecurity

• Watchfire Application Security Insider
• BlogSecurity
• sirdarckcat
• Google Online Security Blog
• CGISecurity.com: Your Web Site and Application Security Resource
• Switch/Twitch
• mybeNi websecurity
• cat slave diary
• SecuriTeam Blogs
• Curiouser and Curiouser
• Alex's Corner
• Billy (BK) Rios
• Chris Shiflett
• christian's weblog
• funkatron.com
• GNUCITIZEN
• The Spanner
• hackademix.net
• Ruby on Rails Security Project
• It's a shampoo world anyway
• Web Security Blog
• ha.ckers.org web application security lab
• Yet Another Infosec Blog
• PHP Security Blog
• Security Thoughts
• Sunnet Beskerming Security Advisories
• Disenchant's Blog
• Sylvan von Stuppe
• Larholm.com
• The Turkey Curse
• Jeremiah Grossman
• Anurag Agarwal - Application Security Evangelist
• Ivan Ristic
• deep inside | security & tools
• omg.wtf.bbq.
• BlueHat Security Briefings
• Tactical Web Application Security
• .:Computer Defense:.

Security

• tssci security
• Plynt Penetration Testing Blog
• Michael Howard's Web Log
• Security Retentive
• BindShell.Net
• Dominic White's .tHE pRODUCT
• SecurityFocus News
• Justice League
• Schneier on Security
• Rational Survivability
• terminal23
• 1 Raindrop
• hiredhacker.com
• Matasano Chargen
• Security Vulnerability Research & Defense
• Michael on Security - Musings on Information Security
• Fortify blog
• The Art of Software Security Assessment
• GDS Security Blog
• Vodun.org
• Robert Penz Blog
• Mark Curphey - SecurityBuddha.com
• Liminal states
• Security Ripcord
• ModSecurity Blog
• IBM Internet Security Systems Frequency X Blog
• Suspekt...
• extern blog SensePost;
• Zero in a bit

SEO

• SEO BlackHat: Black Hat SEO Blog
• busin3ss.name

Tools

• Opensourcetesting.org News

CGISecurity.com: Your Web Site and Application Security Resource

• 

  Google releases Chrome Web browser

  Posted: September 2nd, 2008, 3:16pm CDT by Robert

  Tags:  Security Tools   [edit]

  UPDATED: Yet another issue is discovered, this time a DOS. UPDATED: 3 hours later a vulnerability has been published. Google has just released an open sourced browser based on Apple's Webkit. I'm guessing it will be less than 48 hours before the first vulnerability is discovered. Since Safari uses Webkit it...
• 

  Article: SDL Embraces The Web

  Posted: September 2nd, 2008, 11:43am CDT by Robert

  Tags:  CSRF   [edit]

  Bryan Sullivan from Microsoft has posted an article on SDL use to secure web applications. "The Security Development Lifecycle (SDL) team recently released details of the SDL process that has been so successful in helping to make Microsoft products more secure. You can find these documents at microsoft.com/sdl. As you read...
• 

  Which ASP.NET Controls Automatically HTML Entity Output Encodes?

  Posted: September 2nd, 2008, 11:00am CDT by Robert

  Tags:  Defense   [edit]

  Sacha Faust has just published a grid mapping which asp.net controls automatically perform html entity output encoding when used. Link: http://blogs.msdn.com/sfaust/archive/2008/09/02/which-asp-net-controls-automatically-encodes.aspx Grid: http://blogs.msdn.com/sfaust/attachment/8918996.ashx