In this edition of the Mighty Seek podcast I give a rundown of podPress and list out some ideas for the future podcasts. The site now has a forum for the podcast and general web application security discussion.
In part 2 we discuss the planning and deliverables involved when doing a security engagement. Most of the discussion demonstrates the importance of understanding the boundaries, requirements and deliverables from the start.
The first of two shows featuring my co-workers, Joe and Scott.
This show was recorded in the evening at our hotel room, so the sound quality is less than ideal. We are onsite in Texas doing a security engagement for a client, and get tired and wacky but wanted to share what goes into doing a security audit for a client.
In this podcast I ramble on about what network security is, and then how web application security is an entirely different kind of beast.
With Cross Site Scripting (XSS) the focus changes away from server attacks to user attacks facilitated by the server. This podcast covers the issues involved and additional show notes will be coming shortly.
While your waiting, here is a great resource.
http://www.cgisecurity.com/articles/xss-faq.shtml
Software Development Life Cycle (SDLC) is a major buzz word in the industry right now, but what many are still ignoring is how well a security design/plan can be integrated. This podcast and slideshow hopes to explain how this gets done.
In this podcast we have our first guest lecturer by way of a previously recorded slideshow from Mike Shema. In the presentation he gives an overview of SQL Injection attacks and has a few examples. I think the the content is still valuable even without the slides, but for the full experience of the presentation you may want to see it for youselves.
Free whitepapers and presentations about web application security, by NT OBJECTives.
A discussion to show that a database administrator must not shirk his duties over to the web application developer, and the web application developer should not seize full control over the database as is normally the case. Database administrator have a key role to play when developing a secure and robust web application.
What is Web Application Security?
In this I attempt to give a very basic explaination of what web app sec is about and why its new and less familiair.
Discussion about my involvement with podcastalley.com, using castblaster and my excitement with podcasting. Then I kick off a Web App Security 101
