Saturday, October 22, 2005
Web application assessment is a challenging task for security analysts. Several products and tools are available, each claiming to perform automated analysis on entire applications. Their capabilities include obtaining data, corroborating it, and printing aesthetically appealing reports--all without user intervention.
The nature of web applications is very different from that of standard applications. Many times, these tools miss key vulnerabilities in the application. The best way to perform web application assessment is by using the unassailable combination of automated tools and human intellect. This article examines the LiveHTTPHeaders project, which fits seamlessly into Mozilla browser components to facilitate very effective web application assessment.
Posted by shreeraj at 6:41 AM
Thursday, October 06, 2005
Title: WEB SERVICES SECURITY CHESS:STRATEGIES FOR COMBAT AND SHIELDS FOR DEFENSE
Attack is the best way to know your defense. Knowledge of attack methodology, tools and defense strategies are most critical before creating shield for your ultimate defense. This presentation encompasses all three dimensions (Methodology, Tools and Strategies) with innovative researched approach and live demonstrations. UDDI, SOAP and WSDL are pawn, knight and queen of this new chess board.
1.Imparting web services assessment methodology and demonstrate approach with live application. 2.Leveraging tools and creating your own tool on the fly while performing your work on web services. 3.Build ultimate defense for your web services by leveraging content filtering and secure coding for web services.
Posted by shreeraj at 11:59 PM