Some Random Web Application Security Stuff
This was a real nice piece in Network World this week about the top 10 web application vulnerabilities. I liked it because it was a summary of the OWASP top 10 hit parade with real-world examples, including a recent security news headline for each item.
Jeremiah Grossman, of White Hat Security, spoke this week at a local OWASP meeting in Houston and said some scary things about the state of web application security. In short, we're not in good shape right now.
A frightening example was reported last week about an increase in hacking attempts against utilities reported by Information Week, SC Magazine and Secure Works. As utilities, no different than other companies, webify their applications, there's a greater risk of web application vulnerabilities.
Sure, the convenience is fantastic of a web-based applicatin for utility workers to remotely manage facilities while on the road. But those applications can be secured. If they're on the web, anybody -- not just utility workers -- can get to them.
Jeremiah Grossman, of White Hat Security, spoke this week at a local OWASP meeting in Houston and said some scary things about the state of web application security. In short, we're not in good shape right now.
A frightening example was reported last week about an increase in hacking attempts against utilities reported by Information Week, SC Magazine and Secure Works. As utilities, no different than other companies, webify their applications, there's a greater risk of web application vulnerabilities.
Sure, the convenience is fantastic of a web-based applicatin for utility workers to remotely manage facilities while on the road. But those applications can be secured. If they're on the web, anybody -- not just utility workers -- can get to them.
posted by The IT Security Guy at 8:50 AM
0 Comments:
Post a Comment
<< Home