As much as Web 2.0 and cloud are getting the spotlight I still believe that we haven't gotten our arms around the...
basics of Web security. Be it OWASP adoption, integrating security in the SDLC, or getting developers/QA staff the proper security training we've still got a long way to go. Unless and until we can address the basics with input validation, securely logging in users, and controlling who can do what/where inside the application we're not going to be able to move on to the next big thing and feel good about it.
While no one could claim to a completely accurate estimation of what the future has in store for Web 2.0 applications or their security, I strongly suggest that serious developers for Web 2.0 applications keep their understanding fresh and relevant. To help you build and maintain these skills I have assembled a list of helpful tips and tutorials (located below) on Web 2.0 applications.
- How to get management on board with Web 2.0 security issues
Ways to get management buy-in for Web 2.0 security testing and quality assurance and to bolster application security before deployment are given in this tip.
- Rich Internet applications security testing checklist
Fix common RIA and Web 2.0 application problems caused by Ajax, Flash and other technologies with these tips.
- Spotting rich Internet application security flaws with WebGoat
Learn how Web 2.0. and other rich internet application security flaws are missed by automated tools that can easily be spotted with webgoat and similar free online tools.
Dig Deeper on Software Security Testing Tools
Related Q&A from Kevin Beaver
Knowing how to test for security flaws is vital, but it's a complicated and changing field. Expert Kevin Beaver offers security testing basics.continue reading
How do self-healing networks function? Expert Kevin Beaver looks at the benefits such a network has to offer, as well as the key concepts ...continue reading
While there are numerous security benefits to a DNSSEC implementation, there are drawbacks as well. Expert Kevin Beaver explains.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.