Definition of Web Security
Web Security
|
Ten Easy Steps for Email and Web Best Practices ~ Sponsor
Whether your organization is a mid-sized company, a small family business, or a publicly traded corporation, any time you allow employees to access the Web and email, you put your organization's assets, future, and reputation at risk. Accidental misuse and intentional abuse of email and the Internet can create potentially costly and time-consuming legal, regulatory, security, and productivity headaches for employers of any size. The ePolicy Institute and MessageLabs have created this business guide to provide best-practice guidelines for developing and implementing effective Email and Web Acceptable Usage Policies for the U.S. workplace. Through the implementation of clearly written Acceptable Usage Policies, employers in the U.S. can maximize employee compliance while minimizing their risk of various electronic and legal disasters.
Read the Article
|
Maximizing Security and Performance for Web Browsing: The Challenge for Business ~ Sponsor
Spyware, viruses, and other unwanted or unauthorized applications easily infiltrate enterprise networks via web browsing. This paper defines the requirements for effective, manageable security that protects organizations from infection and legal risk, while also meeting end user demands for performance and accessibility.
Read the Article
|
Web Application Development: A Guide to Success
In this article, I'll take you through the essential phases in the life cycle of a web application project, explain what options you have, and help you formulate a plan for successful web application endeavors of your own.
Read the Article
|
Slip Past Content Filters
Content filtering software inspects web and FTP requests before they leave the network. Based on the software's rule set, it will either allow or deny the connection. Corporate networks and schools use content filtering to ensure that employees and students cannot access "inappropriate" web content. Filtering applications use three criteria to determine if the client is requesting banned content. The HTTP header is scanned for (1) domain name, (2) IP address and (3) keywords. The application hosts a database of all blacklisted content. After the HTTP request is sent from the client, the application compares the HTTP header to all listings in the database. When a match is found, the application reacts.
Read the Article
|
Web Application Security: The Overlooked Vulnerabilities
Traditional approaches to web application security, including web application firewalls and web security modules, can be costly and complex, and do not ultimately protect the entire application stack. Host-based intrusion defense with deep packet inspection is a new approach that addresses the need of organizations to shield vulnerabilities across the entire application stack.
Read the Article
|
OWASP.NET Discussion of Web Security Tools (29 min 35 sec)
Dinis Cruz, leader of the OWASP.NET project, joins us to talk about .NET, web security tools, the future of OWASP, and Open Source Software.
Watch the Video
|
HTTP Response Smuggling
This paper presents HTTP Response Smuggling - a way to evade those anti-HTTP Response Splitting strategies. HTTP Response Smuggling makes use of HTTP Request Smuggling-like techniques to exploit the discrepancies between what an anti-HTTP Response Splitting mechanism would consider to be the HTTP response stream, and the response stream as parsed by a proxy server (or a browser).
Read the Article
|
Application Firewall Demonstration, SQL Injection (9 min 23 sec)
The webApp.SECURE application firewall is used to defend web applications from exploit. This video demonstrates its effectiveness in protecting web applications.
Watch the Video
|
Web Hacking 101 (32 min 20 sec)
MaxieZ gives a basic tutorial on how to approach web application design from a security standpoint. Given at PhreakNIC 9. PhreakNIC is an annual hacker/technology conference in Nashville, TN, put on by the Nashville 2600 Organization and Nashville Linux Users Group.
Watch the Video
|
Web-Form Submission Security
This paper will discuss automated attack methods against web sites utilizing "HTML Forms". An HTML Form is used on web sites requesting data from visitors. Traditionally web sites have been used as a limited medium whereby feedback and user information was requested by email or file uploads. It is now very common to see web sites allowing users to post messages, create accounts, enter information for processing, sign up for mailing lists, vote on topics, etc. All of these are examples of HTML Forms in use.
Read the Article