Podcast News

OWASP Podcast News

OWASP NEWS April 2009

OWASP General News
Global Committees progress https://www.owasp.org/index.php/Global_Committee_Pages What should the next OWASP Top 10 contain? http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Upcoming Conferences http://www.owasp.org/index.php/Category:OWASP_AppSec_Conference Season of Code 2009 http://www.owasp.org/index.php/OWASP_Season_of_Code_2009 Board Mins. http://www.owasp.org/index.php/OWASP_Board_Meetings

OWASP AppSec News

 * 6/1 The State of Web Application and Data Security http://securosis.com/blog/the-state-of-web-application-and-data-security-mid-2009/
 * 6/3 The Encryption Myth http://www.boazgelbord.com/2009/06/encryption-myth.html
 * 6/16 Opera Invites You To Join The Cloud http://www.boazgelbord.com/2009/06/opera-invites-you-to-join-cloud.html
 * 6/16 Google Cloud Told To Encrypt Itself http://www.theregister.co.uk/2009/06/16/google_and_https/
 * 6/20 Nevada Mandates PCI http://www.boazgelbord.com/2009/06/nevada-mandates-pci-standard.html
 * 6/30 OWASP Security Spending Benchmarks Project for Q2 Published http://www.owasp.org/images/f/f0/OWASP_SSB_Q2_Project_Report.pdf

August-September 2009

1. The Top Cyber Security Risks (SANS) http://www.sans.org/top-cyber-security-risks/

2. Google to deliver “Government Cloud” in 2010 http://www.computerworld.com/s/article/9138075/Google_to_deliver_government_cloud_to_feds_in_2010

3. Overcoming Objections to an Application Security Program http://jeremiahgrossman.blogspot.com/2009/08/overcoming-objections-to-application.html

4. Wordpress Bugs…A Disturbing Vulnerability http://preachsecurity.blogspot.com/2009/08/wordpress-bugs-disturbing-vulnerability.html

5. SSL Threat Model http://blog.ivanristic.com/2009/09/ssl-threat-model.html

6. Malware Lingers Months on Infected PCs http://www.theregister.co.uk/2009/09/15/malware_persistence/

7. Are Web Application Security Testing Tools a Waste of Money http://blogs.gartner.com/neil_macdonald/2009/08/25/are-web-application-security-testing-tools-a-waste-of-time-and-money/

8. Application Vulnerability Scanners Should Communicate with Application Firewalls http://blogs.gartner.com/neil_macdonald/2009/08/19/security-no-brainer-9-application-vulnerability-scanners-should-communicate-with-application-firewalls/

9. Flash Cookies and Privacy http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1446862