Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: [WEB SECURITY] Re: Good resources on Web 2.0
From: "Kasey Cross" <kasey () imperva com>
Date: Fri, 9 Mar 2007 10:43:18 -0800

Hi Justin,

 

Imperva is hosting a webinar on March 14th that goes over Web 2.0
(including AJAX, RSS feeds, collaboration sites & mashups), Web 2.0
security risks, and mitigation techniques. You can sign up for it at
http://imperva.webex.com <http://imperva.webex.com/> . 

 

 

There are also some good resources on the web. For example, this article
covers AJAX security issues: http://www.securityfocus.com/infocus/1868.
And the new OWASP Top Ten 2007 candidate-while not developed for "Web
2.0" apps-covers many of the top Web 2.0 security threats like XSS &
CSRF. It's available at: http://www.owasp.org/index.php/Top_10_2007 

 

Best regards,
Kasey 

 

________________________________

From: Dinis Cruz [mailto:dinis () ddplus net] 
Sent: Thursday, March 08, 2007 9:56 PM
To: crazy frog crazy frog
Cc: michaelslists () gmail com; websecurity () webappsec org;
full-disclosure () lists grok org uk
Subject: Re: [WEB SECURITY] Re: [Full-disclosure] Good resources on Web
2.0

 

There is a good search engine at the OWASP website.

Here is a search for Web 2.0 with results from owasp.org:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0+more:owasp-only&sa=Search&cof=FORID%3A9

and with results from web application security websites:
http://www.owasp.org/google/results.html?cx=009205368367870198977%3A6sxq
lkety5e&q=web+2.0&sa=Search&cof=FORID%3A9

Dinis Cruz
Chief OWASP Evangelist
http://www.owasp.org 

On 3/9/07, crazy frog crazy frog <i.m.crazy.frog () gmail com> wrote:

secgeeks.com
cgisecurity.com
webappsec.com
securityfocus.com
www.plynt.com

On 3/9/07, Michael Silk <michaelslists () gmail com> wrote:
On 3/9/07, Justin Boem <ktriv3di () msn com > wrote:


List,

I am looking for some good resources on Web 2.0 and Security. I know
this
is a huge topic, but any references to good books, articles, websites,

tools, etc would be great

"web 2.0" security is the same as any other type of web security. the
same
principles apply.



Thanks
_______________________________________________ 
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
mike
00110001 <3 00110111
_______________________________________________
Full-Disclosure - We believe in it. 
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 



--
---------------------------------------
http://www.secgeeks.com
get a blog on secgeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secgeeks.com/node/feed
Submit you security articles,send them to secgeek () secgeeks com 

http://www.newskicks.com
Submit and kick for new stories from all around the world.
---------------------------------------

------------------------------------------------------------------------
---- 
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/ 

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]