SEARCH RESULTS
 
Showing 1-4 of 4 records
1
 
Expand article

The Business Case for WAFs + Testing

2008-06-19 18:09:06 by Bill in Grumpy Security Guy
 
...WAFs, although none in an actual deployed state (othe Penetration Test vs. Assessment This terminology has always been a peeve of mine. People asking for a penetration test rarely want a 5 Lessons on Public Disclosure From Elliot Spitzer Review: The Web Application Hackers Handbook Post from: Grumpy Security Guy The Business Case for WAFs +...
 
Tags: application, web application security, security, massive application, mod security, web application firewall, web site security, robust solution, solution
 
 
 
 
Expand article

The Big Announcement

2008-03-13 00:03:25 by Bill in Grumpy Security Guy
 
...WAFs, bleh. Plus I mean didnt we already try scanners + WAFs before? Oh yeah the total trainwreck that was AVDL.So one thing I failed to realize was that Jeremiahs approach is a bit different and when combined with WhiteHat Sentinel (aka NOT a scanner) it is a no brainer WAFs generally struggle in a few different areas, the people running...
 
Tags: vulnerabilities asap, vulnerabilities, app, web app, web application vulnerabilities, vulnerability, sentinel, business, default deny policy
 
 
 
 
Expand article

Security Briefing: June 18th

The Article has images
2008-06-18 13:47:09 by Dave Lewis in Liquidmatrix Security Digest
...WAFs do not block | Jeremiah Grossman VoIP providers to get full 911 access with bills passage | Ars Technica Being a Government Security CISO: Life in the Fishbowl | Bloginfosec Current cyber-security defences ineffective ( deduct 10 points for use of cyber ) | vnunet Tags: News , Daily Links , Security Blog , Information Security , Security...
 
Tags: security news, news, government security ciso, microsoft patch resolves, bills passage, instant trojan, jeremiah grossman, ars technica, attractive targets
 
 
 
 
Expand article

Links for 2008-07-11 [del.icio.us]

2008-07-12 00:00:00 by Editor in Anton Chuvakin Blog -
 
...WAFs protect against business logic flaws Not Bad For a Cubicle Blog Archive On Compliance If it sounds like a duck, quacks like a duck its Security. I believe IRM is a marketing scheme for non-security professional to dictate security controls through business models. Security does use risk management principles to identify threats and...
 
Tags: security, non-security professional, desktop security, payment card security, security controls, internet security, news blog, tech news blog, siem products
 
 
 
 
 
Showing 1-4 of 4 records
1
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia