  • Rolling Reviews: SPI Dynamics WebInspect

    For a long, long time I have intentionally not posted news about commercial products or services; however, I know that many of you who frequent this site are interested in those sorts of things. Part of the reason why I haven’t posted news on commercial products is that I used to work for a vendor and…

  • Using industry best practices for effective security training

    "Improved employee understanding of appropriate behaviors and best practices for enhanced information security reduces security risks and helps ensure compliance with regulations such as Sarbanes-Oxley, HIPAA, the Payment Card Industry Data Security Standards (PCI DSS) and others. But merely providing security training is not enough. Organizations need to know if training programs have been successful…

  • Laws Threaten Security Researchers

    "What if a Web researcher found a bug on your Website today — but was too afraid of the law to tell you? The Computer Security Institute (CSI) recently formed a working group of Web researchers, computer crime law experts, and U.S. Department of Justice agents to explore the effects of laws that might hinder…

  • IIS 5.x Vuln Exploit released

    I just found out about this myself and hadn’t seen any news on it, so I’m posting it here (better late than never!). A vulnerability has been discovered in IIS5 that Microsoft apparently isn’t going to fix, allowing an attacker to gain access to resources behind NTLM and Basic Auth. Microsoft is suggesting upgrading to IIS6…