The hacks are continuing to take place on more and more critical sites. Mysql.com hacked, serving malware – These type of hacks against critical open source project websites/servers are a problem that few projects are…
Sorry for the missing posts the last couple of weeks, I need to figure out how to manage these weekly posts during travel periods. So this week will include a couple items from the missing…
This talk was previously mentioned, but now a recorded video is available. Not Your Granddads Web App The next generation of applications have started to rule the web, and they look very different from their…
Conference: B-Sides Las Vegas Title: Cultural Cues from High Risk Professions Speaker: Gal Shpantzer In this B-Sides LV talk,Gal Shpantzer employed the Swiss cheese model of catastrophe as a parallel for the information security industry. The model was originally developed by James…
Conference: B-Sides Title: History of Physical Security Speaker: Schuyler Towne This was a great entertaining talk. This guy enters my pantheon along with Joseph McCray (conspicuous in his absence this year) as a must-attend for…
Welcome to “Surviving the Week”! Each week I will be collecting the top news/stories/articles/blog_posts related to application security. These may not always be the big headlines or directly focused on application security, but they will…
Conference: B-Sides Title: Are There Still Wolves Among Us? Speaker: Val Smith from AttackResearch This post is part of our series where we are summarizing some of our favorite talks from Black Hat, B-Sides and…
A “Web Application Firewall” is not a “Firewall”! Why are “Web Application Firewall’s” (WAF’s) called “Firewalls”? I think the term firewall was initially used by vendors because it was something already allocated in their potential customers’…