OWASP

There are 4 entries for the tag OWASP
Has CitiBank scared you? Want to learn more about securing ASP.NET?

Last month I was rather pleased to welcome Troy Hunt into my little band of Developer Security MVPs. He’s been doing a bunch of blog posts on the OWASP Top 10 list for ASP.NET developers. Check them out, he’s almost finished.

posted @ Tuesday, June 14, 2011 10:41 AM | Feedback (0)

Dublin bound – Epicenter Conference

At the end of the month I’ll be in Dublin delivering “Stop your website being stung” – a guide to the OWASP Top Ten project and how you can secure your ASP.NET site against them at epicenter. There are a few other MVPs speaking as well, including Craig Murphy, the Black Marble boys Richard Fennell and Robert Hogg, and that damned Jon “I’m going to answer everything on StackOverflow” Skeet. Two DDD Belfast speakers are reprising their topics: Alex Mackay is giving his standing-room-only session on VS2010 and Andrea Magnorsky is covering the Monorail MVC package. Tickets are...

posted @ Saturday, August 15, 2009 12:05 PM | Feedback (0)

Vista Squad: OWASP Top 10 Security Vulnerabilities Video

I gave my OWASP presentation to Vista Squad last Wednesday, where Ian Smith kindly (?) videoed it. The other speaker for that evening dropped out, meaning the poor attendees had just me to listen to as I stretched it out to about 100 minutes. The length meant that the video is in two halves. Part 1 from Vista Squad on Vimeo. Part 2 from Vista Squad on Vimeo. The presentation is the same one I gave at WebDD so the slides and code are the same. The feedback on Twitter was amusing; ...

posted @ Saturday, June 20, 2009 9:02 AM | Feedback (5)

Don’t Get Stung – An introduction to the OWASP Top Ten

After DDD Belfast came WebDD09 where I was presenting on the OWASP Top Ten Project (well I could hardly present at DDD Belfast, I was organising, that seems just a little too egotistical *grin*). You can download the PowerPoint [905kb] and the sample code [432k]. For the person who asked, you can download Fritz Onion’s ViewState Decoder. For further reading on XSS, Russ McRee republishes his Anatomy of an XSS attack article from the ISSA journal, and NG Software have two PDFs, Advanced SQL Injection and More Advanced SQL Injection. With the added bonus of discovering coffee beans...

posted @ Saturday, April 18, 2009 6:45 PM | Feedback (4)