[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] application attacks

From: "AF" <newsalaksa@xxxxxxxx>
Subject: Re: [WEB SECURITY] application attacks
Date: Mon, 17 Jul 2006 21:25:31 +0200


Hi there!

I think the mistake is in this sentence:

Now, every developer know how to protect their web applications against application attacks such as SQL Injection,XSS, HTTP smuggling, and others. So could someone give me some clear image about that. What's wrong?

The question is "Who's wrong ?" The answer is : You. : )

That's a fact: many web developpers still don't know how to implement security principles. Many don't even know security principles exist!

So when it comes to sql injection, xss, splitting, applogic, and so on... well... there's still a lot of work ahead of us to do. This applies to almost every industry!

Pentesting, for fun, but also teaching and spreading the information around us, as much as we can. That's it. That's what we can (have to?) do.

@ntoine

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- RE: [WEB SECURITY] application attacks
  - From: Dennis Hurst
- RE: [WEB SECURITY] application attacks
  - From: Andre Maisonneuve

References:
- [WEB SECURITY] application attacks
  - From: shadi Aljawarneh

Prev by Date: [WEB SECURITY] application attacks
Next by Date: RE: [WEB SECURITY] application attacks
Previous by thread: [WEB SECURITY] application attacks
Next by thread: RE: [WEB SECURITY] application attacks
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site