|
|
|
The 80/20 Rule for Web Application Security
|
|
Hits: 7 |
|
Date added: 11/28/2007 |
|
After performing hundreds of web security assessments you're bound to encounter many frighteningly insecure websites. Websites so badly protected you could literally make off with the credit card numbers in a way reminiscent of the movie Gone in Sixty Seconds. On the other hand there are many websites frustratingly impervious to attack. What I'll describe below are the subtle variations between the security haves and have-nots . Using the age old 80/20 rule , we'll look at a few techniques anyone can use to decrease the risk of their website being hacked. And to make it really easy you won't have to alter a single line of code! But before jumping too far ahead lets first discuss the 80/20 rule. |
|
|
|
|
|
|
TestingWeb Services by XML Perturbation
|
|
Hits: 1 |
|
Date added: 12/01/2007 |
|
The eXtensible Markup Language (XML) is widely used
to transmit data across the Internet. XML schemas are used
to define the syntax of XML messages. XML-based applications
can receive messages from arbitrary applications, as
long as they follow the protocol defined by the schema. A
receiving application must either validate XML messages,
process the data in the XML message without validation,
or modify the XML message to ensure that it conforms to
the XML schema. A problem for developers is how well the
application performs the validation, data processing, and,
when necessary, transformation. This paper describes and
gives examples of a method to generate tests for XML-based
communication by modifying and then instantiating XML
schemas. The modified schemas are based on precisely defined
schema primitive perturbation operators. |
|
|
|
|
|
|
Techniques for Improving the Performance of Signat
|
|
Hits: 2 |
|
Date added: 09/02/2007 |
|
Techniques for Improving the Performance of Signature-Based Network Intrusion Detection Systems |
|
|
|
|
|
|
TCPDump Manual
|
|
Hits: 4 |
|
Date added: 07/02/2005 |
|
|
|
|
|
