 |
|
|
|
| 1 - 10 of 55 in Expert Technical Advice |
|
<< Previous page 1 2 3 4 5 6 Next >> |
|
The essentials of Web application threat modeling
Submitted By: SearchSoftwareQuality.com | 24 Mar 2008
TIP - A critical part of Web application security is mapping out what's at risk -- or threat modeling. Kevin Beaver outlines the essential steps to get you started.
How to implement security in Java EE and Java ME
18 Jul 2007
EXPERT ANSWER - Web application security in Java EE and Java ME is aided by security architectures inherent in each platform. Expert Ramesh Nagappan explains how to understand these architectures and use them to achieve Java security.
Protection against "zero-minute" exploits
Submitted By: SearchAppSecurity.com | 11 Jan 2007
TIP - The gap of time between a vulnerability's discovery and an attack on that vulnerability is shrinking. Amir Peles delves into "zero-minute" exploits and offers a plan for defense.
Breaking the same origin barrier of JavaScript
Submitted By: SearchAppSecurity.com | 11 Jan 2007
TIP - If a hacker exploits an XSS vulnerability on a Web site, he can get around the "same origin" policy in a user's browser and log keystrokes, steal cookies, modify data and more.
Denial of service and Ajax
22 Dec 2006
EXPERT ANSWER - A denial of service attack can be induced with Ajax in a number of ways. Experts Billy Hoffman and Caleb Sima explain how these exploits may occur.
CSRF attack vector with Ajax serialization
Submitted By: SearchAppSecurity.com | 18 Dec 2006
TIP - Web 2.0 applications are increasingly at risk to cross-site request forgery (CSRF) attacks. Shreeraj Shah explains what those risks are and how you can prevent such attacks.
Application security in 2007: What you need to know
Submitted By: SearchAppSecurity.com | 14 Dec 2006
TIP - Behavioral analysis will emerge as the weapon of choice when combating even more sophisticated application attacks, predicts expert Amir Peles.
Cross-site request forgery: How this Web exploit works
16 Nov 2006
EXPERT ANSWER - Cross-site request forgery is a major threat to Web security, and most Web sites aren't equipped to handle this exploit. Expert Jeremiah Grossman explains how CSRF works.
Obfuscation may prevent reverse engineering
03 Nov 2006
EXPERT ANSWER - Reverse engineering can reveal all of the source code in your .NET applications. Expert Dan Cornell recommends code obfuscation as a protective measure.
Understanding XPath injection
31 Oct 2006
EXPERT ANSWER - XPath injection is similar to SQL injection and other injection attacks, but this XML exploit has its own unique set of issues. Web services expert Rami Jaamour details how these exploits work -- and how you can avoid them.
|
| 1 - 10 of 55 in Expert Technical Advice |
|
<< Previous page 1 2 3 4 5 6 Next >> |
|
|
|
|
|
|
|
