Login  |  Register  |  Contact

Webcast of Thursday: Web Application Vulnerabilities

This Thursday I'll be giving a webcast for Core Security on Integrating Web Applications into Your Vulnerability Management Program.

You can register for it over here at WhiteHatWorld.com, and here's the description:

Along with end-user systems, web applications often present the "weakest link" to attackers targeting sensitive data. However, while many security professionals conduct endpoint vulnerability assessments, fewer adequately manage their web application vulnerabilities. Please join Core Security and Rich Mogull, founder of Securosis and former Gartner analyst, for a discussion of how to proactively assess your web applications against data breach threats. You"ll learn:
  • Which web-based attacks are posing the greatest risks to organizations today.
  • When and where to integrate web apps into your broader vulnerability assessments.
  • Why static analysis can miss critical exposures — and how you can fill the gaps.

—Rich

Posted at Monday 12th May 2008 6:57 am Filed under: app securitymiscnon-geek

Previous entry: Train Like You Fight | | Next entry: GRC is Dead

Comments:

If you like to leave comments, and aren't a spammer, register for the site and email us at info@securosis.com and we'll turn off moderation for your account.

By Osama Salah  on  05/12  at  09:10 AM

Pretty much any security presentation declares its topic to be the "weakest link". Any system has a "weakest link", but "weak" doesn’‘t really express anything, it’s a relative term. The weakest link in a system could still be far "stronger" than the strongest part of another similar system. I wish we could stay away from such terms and others like "best practices" etc.

But in your defense you didn’‘t broadly spread the term out but confined it in the context to an attacker targeting a system.

And if you are going to mention DLP in that webcast, I’‘m going to shoot myself ;-)
Your DLP article in the information security magazine was very informative.

rgds
OS

By rmogull  on  05/12  at  08:14 PM

Osama,

No matter how hard I try, marketing will always throw those things back in.

Besides, "best practices" has a real, useful definition I’‘ve posted about before (okay, 3 definitions). And the weakest link matters in security since that’s typically what breaks first. We can’‘t eliminate them, but just knowing where they are is a big help.

Page 1 of 1 pages

Name:

Email:

Remember my personal information

Notify me of follow-up comments?

Submit the word you see below: