Difference between revisions of "Research for SharePoint (MOSS)"

From OWASP
Jump to: navigation, search
Line 21: Line 21:
 
** [http://www.denimgroup.com/media/pdfs/DenimGroup_SecuringSharePoint_TASSCCTEC2009_20090326.pdf Securing SharePoint (PDF Format)] - TASSCC Technology Education Conference in Austin, March 26, 2009
 
** [http://www.denimgroup.com/media/pdfs/DenimGroup_SecuringSharePoint_TASSCCTEC2009_20090326.pdf Securing SharePoint (PDF Format)] - TASSCC Technology Education Conference in Austin, March 26, 2009
 
** [http://www.denimgroup.com/media/pdfs/DenimGroup_SecuringSharePoint_TRISC_20090324.pdf Securing Sharepoint (PDF Format)] - Texas Regional Infrastructure Security Conference (TRISC) in Austin, March 24, 2009
 
** [http://www.denimgroup.com/media/pdfs/DenimGroup_SecuringSharePoint_TRISC_20090324.pdf Securing Sharepoint (PDF Format)] - Texas Regional Infrastructure Security Conference (TRISC) in Austin, March 24, 2009
 +
** [http://sp.meetdux.com/archive/2009/07/08/a-primer-to-sharepoint-security.aspx A Primer to SharePoint Security] - video
  
 
==== Other interesting resources====
 
==== Other interesting resources====

Revision as of 12:47, 14 January 2010

This page contains research notes on Microsoft's SharePoint MOSS and WSS

Resources

Microsoft resources

Other Resources and Documentation

Presentations

Other interesting resources

Other Blogs and Articles

Security related technical articles


Published Security issues

SharePoint related vulnerabilities and its status


MOSS Security related WebParts, Tools & services

Open Source

Commercially Supported


Dangerous MOSS APIs

Map the security implications of MOSS APIs, for example:

  • which APIs (if badly used)are vulnerable to: XSS, CSRF, SQL Injection
  • configuration settings that have security implications


WebParts Security

  • Security ratings & mappings of MOSS Deployed Web Parts
  • Security ratings & mappings of 3rd Part Web Parts