Dailydave: Web Application Best Practices

[dave <dave () immunitysec com>]

So as far as I can tell, there's no single document that has a coherent 
"Best Practices" for web application security at the CISO level. There's 
lots of things that tell you what ASP.NET API to use to avoid SQL 
Injection, but nothing high level. Anyways, so I wrote a talk for the 
OWASP AppSec conference this weekend that was supposed to be me picking 
the current Best Practices documents apart, but since there wern't any, 
I had to write them first.
Hopefully no one will laugh too hard when I present what I've got. But 
if you're in town, feel free to come give it a look-see. :>
Ooh, I also got structures working for MOSDEF, and wrote a generic 
fix_heap shellcode for Windows. So it's not all .sxi slideshows and 8a 
paperwork.
-dave


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave