Difference between revisions of "Podcast 32"


Revision as of 19:15, 21 July 2009

OWASP Podcast Series #32

OWASP NEWS May 2009 (part 1)
Recorded June 11th, 2009
Published July 21st, 2009

iTunes: http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=300769012
Feed: http://www.owasp.org/download/jmanico/podcast.xml

Participants

Host: Jim Manico
Copy Editors: Andre Gironda and Boaz Gelbord
Participants: Jeff Williams, Boaz Gelbord, Arshan Dabirsiaghi, Andrew van der Stock

Articles

5/1 Mythbusting – Secure Code is Less Expensive to Develop http://jeremiahgrossman.blogspot.com/2009/05/mythbusting-secure-code-is-less.html
5/1 Getting started with the PHP-IDS Intrusion Detection System http://www.h-online.com/security/Getting-started-with-the-PHPIDS-intrusion-detection-system--/features/113163
5/5 http://nickcoblentz.blogspot.com/2009/05/light-weight-code-review-as-you-program.html
5/4 Using Denial of Service for Hacking http://ha.ckers.org/blog/20090504/using-denial-of-service-for-hacking/
5/4 OWASP ISWG: Struts 2/WebWork Gap Analysis http://nickcoblentz.blogspot.com/2009/05/owasp-iswg-struts-2webwork-gap-analysis.html http://nickcoblentz.blogspot.com/2009/05/struts-2-security-addons-code.html
Apache Struts 1.x AUTOCOMPLETE bug/debate https://issues.apache.org/struts/browse/STR-2810
5/4 Best Practice: Consider External Data Feeds Untrusted http://www.veracode.com/blog/2009/05/best-practice-consider-external-data-feeds-untrusted/
5/4 Protection against Forceful Browsing http://coding-insecurity.blogspot.com/2009/05/protection-against-forceful-browsing.html
5/5 Moth - A new release from the w3af project http://www.mail-archive.com/w3af-develop@lists.sourceforge.net/msg00369.html http://security-sh3ll.blogspot.com/2009/05/moth.html
5/6 Enter Formjacking http://i8jesus.com/?p=48
5/8 8 Reasons Why Website Vulnerabilities Are Not Fixed http://jeremiahgrossman.blogspot.com/2009/05/8-reasons-why-website-vulnerabilities.html
5/8 SQL Injection Lessons from X-Force Emergency Response Service Investigations http://blogs.iss.net/archive/sql-injection-ers.html
5/12 Delay of FTC Red Flag Rule http://www.bankinfosecurity.com/articles.php?art_id=1457
5/13 Effective Account Lockout http://coding-insecurity.blogspot.com/2009/05/effective-account-lockout.html