Useful Web Security Documents

Real-World Web Hacking URL's
By Jeremiah Grossman
A complied list of news sources, specific to real-world websites, describing an actual web application security hack. Most media accounts of website hacking incidents contain precious few details about how the compromise was carried out. Only occasionally we'll see descriptions of parameter tampering to uncover someone else's order details or the infamous SQL Injection. These are the links we can directly attribute to web application security failures. more...

Web Security Interview Questions [DOC]
By Ryan Barnett
The goal of this document is to provide appropriate questions for HR/Managers to pose to individuals who are applying for web security related positions. These questions do not have yes or no answers, but rather spark relevant conversation between the applicant and the hiring staff. more...