-
Payment Card Industry (PCI) Mandate Stresses Importance of Web Application Security: Recommended Becomes Required
"On June 30, another refresh of the Payment Card Industry (PCI) Data Security Standards (PCI DSS) will upgrade Web application security testing from a best practice to a mandatory practice. The deadline forces merchants and vendors to take a closer look at application-layer security and emphasizes its importance in fighting increasing online threats. The Payment…
-
Microsoft Patch Tuesday: Microsoft releases four critical patches
"Microsoft has issued seven patches addressing 10 vulnerabilities, including four rated 'critical' as part of this months patching cycle. The critical patches apply to its Windows operating system (OS), Internet Explorer (IE) and, unusually, a Bluetooth component. The Bluetooth patch, MS09-030, targets a third-party ActiveX control that comes bundled with Logitech hardware, including its mice…
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack