« Google Chrome criticised over lack of security | Main | WASC Threat Classification v2 Project - Call for Participants »

CGISecurity turns 8!

I'm happy to announce CGISecurity's 8th year providing website, and application security news as of today. What started out as an excuse to learn about web based vulnerabilities has really evolved. Here are a few things to put into perspective

- The following terms hadn't been coined yet
        - CSRF/XSRF/Cross-site Request Forgery
        - XST
        - Web 2.0
        - AJAX
        - Silverlight
        - Firefox
        - HTTP Request Smuggling
        - HTTP Response Splitting
        - Session Fixation
        - LDAP Injection
        - The vulnerably used by Code Red/Nimda hadn't yet been discovered
        - 'Google Hacking'. Us old timers called this altavista hacking thanks to the WWW Hack FAQ. Back then altavista was the sniznat.
   - .NET Framework

- WWW-Mobile-Code (later renamed to webappsec@securityfocus) hadn't been created yet
- Cross site scripting was less than a year old
- The term XSS was less than 6 months old
- DOM based XSS hadn't been discovered
- OWASP nor WASC had been formed
- You could still find vulnerable PHF machines (so I've been told :)
- I was getting between 1-10 unique visitors a day compared to the 3,500-4,500 now.
- Web based worms were only theoretical
- XSS was lame (oh wait....)

You get the idea :)


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!