As much as Web 2.0 and cloud are getting the spotlight I still believe that we haven't gotten our arms around the basics of Web security. Be it OWASP adoption, integrating security in the SDLC, or getting developers/QA staff the proper security training we've still got a long way to go. Unless and until we can address the basics with input validation, securely logging in users, and controlling who can do what/where inside the application we're not going to be able to move on to the next big thing and feel good about it.
While no one could claim to a completely accurate estimation of what the future has in store for Web 2.0 applications or their security, I strongly suggest that serious developers for Web 2.0 applications keep their understanding fresh and relevant. To help you build and maintain these skills I have assembled a list of helpful tips and tutorials (located below) on Web 2.0 applications.
- How to get management on board with Web 2.0 security issues
Ways to get management buy-in for Web 2.0 security testing and quality assurance and to bolster application security before deployment are given in this tip.
- Rich Internet applications security testing checklist
Fix common RIA and Web 2.0 application problems caused by Ajax, Flash and other technologies with these tips.
- Spotting rich Internet application security flaws with WebGoat
Learn how Web 2.0. and other rich internet application security flaws are missed by automated tools that can easily be spotted with webgoat and similar free online tools.
Dig Deeper on Topics Archive
Related Q&A from Kevin Beaver
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.