Difference between revisions of "OWASP Newsletter 3"

From OWASP
Jump to: navigation, search
(OWASP references in the Media)
(Latest additions to the WIKI)
Line 20: Line 20:
  
 
== Latest additions to the WIKI ==
 
== Latest additions to the WIKI ==
 +
==== New Pages ====
 +
* [[PDF Attack Filter for Apache mod rewrite]] - PDF Attack Filter for Apache mod rewrite, served by Apache with mod_rewrite installed.
 +
* [[Struts XSLT Viewer]]
 +
* [[Reviewing code for XSS issues]]
 +
* [[OWASP WebScarab NG Project Technical Info]], if you want to know what is happening under the hood of the new version of WebScarab
 +
* with some content [[Portuguese]] (new chapter), [[All clients can be reverse engineered, monitored, and modified]], [[Native Methods]], [[Long long ago...]], [[Java applet code review]]
  
 
==== Updated pages ====
 
==== Updated pages ====

Revision as of 14:43, 22 January 2007

Using the same format as used in OWASP Newsletter 1 and OWASP Newsletter 2 this is the page that will be used for the next Newsletter

Contents

OWASP News

{....}

OWASP Projects that need your help

Featured Projects:

OWASP Java Project

Latest additions to the WIKI

New Pages

Updated pages

OWASP Community


Application Security News

  • Web Application Security Professionals Survey (Jan. 2007) - Jeremiah Grossman just released his survey with lots of very interresting data. Make sure you check out section '11) Top 3 web application security resources' which is a nice database of the most popular vulnerability assessment tools and knowledge resources (#1 was RSnake's Blog, and #2 was OWASP :) )
  • Don't take security advice from the devil you know! - He lies. Especially about security flaws. This article notes an increase in vulnerabilities found in open source packages and concludes that... "For the personal sites and the mom-and-pop stores that rely on the software, it certainly affects them," Martin said. "But larger companies likely aren't affected." Right.

OWASP references in the Media